Passwords have invaded our daily lives. The very notion of passwords has become suffocating for many, so numerous and demanding have they become.Takinga step back, we realize that this notion is evolving. It has evolved and deteriorated. But thanks to modern, elegant platforms like Memority, it's still evolving and improving.
In the beginning was the verb
The idea of a password is a very old one. It comes from the register of magic: a magic word that opens access. The first passwords were not personal or complicated. You just had to know them - or guess them.
Without going back as far as the famous "Open sesame!" from the 1717 Tales of the Thousand and One Nights, let's review two masterpieces of twentieth-century literature.
In the first volume of J.R.R. Tolkien's TheLord of the Rings, published in 1954, the Fellowship of the Ring led by Gandalf the Grey, in order to enter the Mines of Moria, must open a great portal decorated with an Elvish inscription, the Gates of Durin :
At the top was an arc of intersecting letters in Elvish script. Underneath, although the threads were in places faded or intersected, was the outline of an anvil and hammer surmounted by a crown with seven stars. (...) The words reveal nothing of importance to us. They say only this: "The Gates of Durin, Lord of Moria. Speak, friend, and enter."
The password is not individual, nor is it complicated. You just need to know it to enter. And it only takes a good knowledge of the Sindarin elvish dialect to guess it*.
In the fourth chapter of Umberto Eco's Foucault's Pendulum, published in 1988, the narrator Casaubon attempts to access the texts hidden by Jacopo Belbo in his primitive micro-computer, christened Aboulafia.
In fact, no sooner had I loaded the machine than a message appeared asking me: "Do you have the password? As if to say: "Just think, everything you want to know, I've got right here in my belly, but you can scratch away, you old mole, you'll never find it.
Here again, the password is neither individual nor complicated. You just need to know it to get in. And it only takes a good knowledge of exquisite Italian politeness to guess it**.
The curse of personal, strong and numerous passwords
The world has changed. Today, passwords are supposed to be personal, unique to each individual and specific to each system. A password is associated with your username - account number, e-mail address, Social Security number, etc. - and allows you to prove your identity. It enables you to prove your identity. You are strongly encouraged never to share any password. And you're also strongly encouraged to have a different password for each system. This, when you're lucky enough to have access to dozens, if not hundreds, of systems!
Today, passwords are also supposed to be complicated - they're called "strong". "Password" is bad. "Julie" is better. "Julie55": even better. "Julie55+": more effort. "Lo4EeZxtfaMbhNUSEPAu": that's good, that's strong, that's secure! Phew!
And then you have to generate the same kind of password for each system, always different for each of those hundreds of systems. And finally, you have to learn them by heart, and voila, you're safe. Yippee!
Today, everybody hates passwords. The magic is gone.
Less is more
Fortunately, the story doesn't end there. It will certainly be impossible to go back to the elegant passwords of Moria Mines and Aboulafia.
Today, elegance is in the solutions themselves. Today's passwords - personal, distinct and strong - are just a stage in the process, and will soon be a thing of the past. The new solutions are personalized, individualized, as much as individual logins and passwords, authenticating exactly the right person. The new solutions are strong, solid, even more so than passwords like "LoTReZxtfaMb3lB0EPAu" or encrypted certificates doped with 2048-byte polyphosphate amphetamines like the well-known game.
Some of these solutions send a single-use code of a few digits to your phone or mailbox. Others rely on the fingerprint reader or camera of one of your personal devices. Still others rely on the accounts you already have on the operating system of one of these devices, or on features or memories in the bowels of these same devices. Still others delegate to others. And others combine several of the aforementioned "authentication factors".
The return of magic
Gandalf the Grey and Jacopo Belbo would have loved these solutions. These solutions are within the reach of all organizations using modern identity and access management platforms, such as Memority.
As Arthur C. Clarke wrote:
Any sufficiently advanced technology is indistinguishable from magic.
Epilogue
* Gandalf interpreted the Elvish inscription too quickly. The inscription he had translated as "Speak, friend, and enter" actually means "Say: friend, and enter". The password is therefore "mellon", the Elvish word for "friend".
** Casaubon read Belbo's question too quickly. The question is, "Do you have the password?" The answer is obvious. The password is "no". Belbo was a polite man.
