Skip to Content
Computing

The end of passwords

Companies are finally shifting away from notoriously insecure alphanumerics to other methods of authentication.

February 23, 2022
The end of passwords conceptual image of phone, computer, and hardware key.
The end of passwords conceptual image of phone, computer, and hardware key.
Andrea D'aquino

Key players

Microsoft, Google, Okta, Duo

 

Availability

Now

In the early 1960s, MIT professor Fernando Corbató was developing a new kind of shared computer system and wanted a way for people to be able to protect their private files. His solution was a password. Over the years, Corbató’s fix won out over other means of authentication and became the standard way we log on to pretty much everything, everywhere. 

The catch? Passwords are inherently insecure. They can be stolen, guessed, or brute-forced. But mostly, people just use bad ones. (And, worse, reuse them.) 

Password managers like Dashlane and 1Password can track all those various alphanumerics for you and even replace the weak ones. But password management is a half measure when it comes to security. The real action is in eliminating passwords altogether. 

The process is already underway. Enterprise-oriented companies like Okta and Duo, as well as personal identity providers like Google, offer ways for people to log in to apps and services without having to enter a password. Apple’s facial recognition system has taken biometric login mainstream. Most notably, Microsoft announced in March 2021 that some of its customers could go completely passwordless, and it followed up in September by telling people to delete their passwords altogether. Those other methods of authentication? They’re finally winning.

You’ve probably experienced this for yourself. You go to log in to a site or fire up an app, and instead of being asked to enter a password you get a prompt to enter a six-digit code from your authenticator app, tap a notification on your phone, or click a link sent to your email. Or maybe you just need to raise your phone to your face. Easy peasy. 

As for typing in a bunch of characters and symbols you have to recall, write down, or store in a database? Good riddance to all that.

Curious about how hackers do what they do? Check out The Extortion Economy, our five-part podcast series about the ransomware crisis.

Deep Dive

Computing

child outside a destroyed residential building in Kiev
child outside a destroyed residential building in Kiev

Russia hacked an American satellite company one hour before the Ukraine invasion

The attack on Viasat showcases cyber’s emerging role in modern warfare.

hacked telecom concept
hacked telecom concept

Chinese hackers exploited years-old software flaws to break into telecom giants

A multi-year hacking campaign shows how dangerous old flaws can linger for years.

stock image of robots in a car plant
stock image of robots in a car plant

Transforming the automotive supply chain for the 21st century

Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.