Why we still use passwords

Most articles about security and passwords frame the trade-off as one
between security and convenience. The authors state that you can have it
secure or convenient, but not both.

There is actually another trade-off to make: the trade-off between
security and privacy.

The world of cryptography knows of server certificates and client
certificates. Server certificates allow users to verify that they are
connected to the right server and not to a man-in-the-middle attacker. I'll
leave out problems like DigiNotar that undermine this security.

Client certificates identify users to servers. To make this work, a user
needs to have his credentials (i.e. a passport) validated against his
person, and when the Certificate Authority is satisfied, it signs a
certificate. The problem is that the certificate binds the user's full
real-world identity. To use the certificate means to fully identify
yourself at every internet login, with every message. It obliterates all
the privacy you have.
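To make concrete what "binds the full real-world identity" means in practice, here is an added example (not part of the original post) in Go: it builds a client certificate carrying identity fields and shows that every server extracts the same Subject and fingerprint from it, so two unrelated sites can trivially link the same person. The name "Jane Q. Public" and the organization "Example Employer" are constructed sample values, and the certificate is self-signed here in place of a CA signature.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// makeClientCert builds a self-signed client cert with constructed sample identity attributes.
func makeClientCert() (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		// Constructed sample values, not a real person; a CA-issued cert carries the same Subject.
		Subject:     pkix.Name{CommonName: "Jane Q. Public", Organization: []string{"Example Employer"}},
		NotBefore:   time.Now(),
		NotAfter:    time.Now().AddDate(1, 0, 0),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// viewAsServer returns what any server learns from the handshake: the Subject (the
// real-world identity) and a SHA-256 fingerprint that is identical at every site.
func viewAsServer(cert *x509.Certificate) (subject, fingerprint string) {
	sum := sha256.Sum256(cert.Raw)
	return cert.Subject.String(), hex.EncodeToString(sum[:])
}

func main() {
	cert, err := makeClientCert()
	if err != nil {
		panic(err)
	}
	fmt.Println(viewAsServer(cert)) // same two values whichever site asks
}
```

A password, by contrast, can be different at every site and reveals no Subject at all, which is the privacy the post argues people are unwilling to give up.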

Obliterating privacy is too high a price for most people to pay for
some extra security. On top of that, you have to pay a lot of money to
get this privacy-smashing certificate.

I believe that this trade-off is the reason we still use passwords. They
offer the right balance between convenience and privacy, but at an
alarming price in security.