The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

Triple-Track Conference - 15th & 16th October


Capture the Flag - 15th & 16th October

HackWEEKDAY - 15th & 16th October

CommSec Village - 15th & 16th October


The Password is Not Dead

The Romans invented passwords over 2,000 years ago. Passwords or watchwords were used in the military, passed on each day from unit to unit in a coordinated and simple fashion. Fail-safes were even built into a system which was simple, straightforward, and most importantly difficult to crack.

Today people are creating new passwords every single day in order to gain access to the latest social network, order something through an online store or just to view content on a website. By contrast to the time of Caesar, passwords today are complex, confusing and, most worryingly of all, easy to crack. It seems as if we have not come a long way over the last 2,000 years.

To say the password is dead is to state the obvious. The problem is, we have been stating the obvious now for some 20 years. It has been clear for almost two decades that the username/password system we use every single day does not work in today's always-on, always-connected world.