We put four questions about password use to Kevin Bauer, the Emerging Technologies Librarian at the Upper Arlington Public Library. Here are his responses:
1. What are the top 3 questions regarding the use of online passwords that you get from the public?
- Can I use the same password from another account?
- How do I reset my password?
- What is my password? (this usually proceeds the previous question)
2. Managing an ever-growing number of passwords can be frustrating. Are there specific recommendations that you can make that might help us manage our passwords more effectively?
The key to managing your passwords is to have a system for keeping track of them. This does not include trying to remember all of your passwords, because there are too many. If you try to remember all of your passwords, eventually you will either not remember them, or you will use shortcuts like reusing passwords, which reduces the security of your accounts.
Instead, choose a place to record your passwords that is convenient, so you always have access to them. I prefer a password manager app because I usually have my smartphone with me. Password managers (PM) allow you to store you passwords securely (you need a password to unlock them) and they can help you create strong passwords for all of your accounts. My favorite PM is 1Password, and I used Keepass before I owned a smartphone.
3. Do you think that passwords will be replaced by other, more secure ways of protecting our online information in the near future?
Based on what I’ve seen, I don’t foresee that passwords will be replaced in the near future. The challenge of creating an alternative to passwords is that it needs to be simultaneously secure and convenient, which is a tricky balancing act. My best guess is that instead of one killer app that solves the password problem, accounts will require users to complete a combination of steps to verify their identity. This is already an option for Gmail, Dropbox, Amazon and most banks, which allow users to enable two-factor authentication for their accounts. After you enter your password, a text message is sent to your phone with a code that you input to complete the sign-in.
4. Do you have any advice for people who may wish to know about password protection?
They can attend our upcoming programs for privacy week. There is a specific program about passwords, and I recommend the other programs as well. Passwords are only one aspect of online security and privacy, and the more you know about the topic generally, the easier it is to understand and make decisions about your accounts and information. Regularly reading publications like Wired, ArsTechnica or the technology section of your favorite newspapers and magazines will also help you understand security and privacy trends.
- Choose Privacy: Who's Watching You? May 1 from 1-2 pm
- Choose Privacy: Forgot Your Password? May 4 from 7-8 pm
- Choose Privacy: Cryptoparty! May 7 from10 am - 4 pm