Why Password Services Are Still Relevant, Even Though They’re Getting Hacked

By David Gewirtz

Passwords suck. They do. The idea that we’re hiding critical and confidential information behind two code words (a user name and a password) is fundamentally ludicrous. Maybe, in the 1960s, when passwords were first used to protect computer systems, they were workable security barriers. But today? They’re about as effective for security as using two paper cups connected by a string is for telecommunications.

And yet, we rely on passwords. Yes, some more mission-critical environments have implemented alternatives or additional factors, like biometric identification. But if you’re online, almost everything you access will be via a user name and a password.

Back in the day, when many of us had to keep track of only five or six accounts, we often used the same password for everything. In fact, analysis of password breaches have shown that — to this day — “123456” is still the most common password. In fact, the word “password” is only the fourth most popular password, after 123456, 123456789, and Qwerty (the keys on the first row of every keyboard in the universe).

Most folks now know not to use the same password for multiple services. If one service is breached, at least you know that the same password can’t be used at other services. But that gave rise to a new problem: keeping track of what password goes to what service.

We have so many passwords, it’s impossible to keep track of them. Speaking personally, I have thousands of them.

To solve t...