Home > 2011 > Identity Theft > Beginning of the End for Online Passwords?

Beginning of the End for Online Passwords?

Advertiser Disclosure Comments 2 Comments

YourPasswordHas_Eric_Schmuttenmaer_CCFlickrHow many websites do you currently visit that require you to log in with a username and password? Five? Dozens? And how many times do you type the same password into many different sites? If you’re like most people, you probably don’t invent an entirely new password for each site. How could you possibly remember them all?

This is just one way in which the current system of online security is broken, according to the Obama administration. Now the Commerce Department has a roadmap for figuring out how to fix it. The department recently released a “National Strategy for Trusted Identities in Cyberspace,” and it’s intended to bring new levels of trust to online commerce.

“The fact is that the ‘old’ password and user-name combination we often use to verify people is no longer good enough.  It leaves too many consumers, government agencies and businesses vulnerable to ID and data theft,” Commerce Secretary Gary Locke said in a press conference. “This is why the Internet still faces something of a ‘trust’ issue.  And it will not reach its full potential—commercial or otherwise—until users and consumers feel more secure than they do today when they go online.”

[Article: The Epsilon Breach: Don’t Take the Bait With Phishing Scams]

The administration’s plan veers away from the model implemented in some European countries, in which a government agency hands out identification numbers that people can use online. That “creates unacceptable privacy and civil liberties issues,” Locke said.

Instead, the department wants private companies to come up with a system of “identity credentials” stored on smart cards or cell phones. Consumers could plug the cards or phones into computers to check their bank accounts, make online purchases or log in to email accounts.

The administration hopes that better authentication of online users could help reduce the number of people defrauded online. Last year 8.1 million Americans were victims of identity theft or fraud last year, costing them $37 billion, according to the Commerce Department.

[Fraud Resource: Free Identity Risk Score and personal risk profile]

Image: Eric Schmuttenmaer, via Flickr.com

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

  • Christopher

    Here’s how you set up a “nearly” unique password for each site:

    Select 2-3 characters from the site’s address, ALWAYS using the characters from the same position. For example, for credit.com you could use “ed” and for google.com you could use “og”.

    Select 5-6 characters that mean something to you, like G00se.

    Select a short, easy to remember sentence, like “Ilikeapples?”

    Mash them together: edG00seIlikeapples? for credit.com, and ogG00seIlikeapples? for google. This gives you a nearly different, yet easily remembered, password for every site. Make sure you include numbers and special characters. Not every site will take the entire password, but you’ll learn where to stop for each site.

  • http://www.mycloudkey.com Gurudatt

    There are many online password managers which perform this role of having a master password that generates unique passwords for different websites.

    However, if someone hacks your master password all your other websites will also be hacked.

    If the master password is locked to a device the user uses to sign in, then it will be more difficult for someone to hack it.

    Such a solution is available with MyCloudKey.com

  • Pingback: >La contraseña perfecta « LA FOTO OLVIDADA DE AYER()

  • Pingback: Beginning of the End for Online Passwords? - Identity Theft 911 Blog()

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.