Passwords are an unavoidable part of everyday life. However, they are generally considered to be a very poor solution for protecting data and users. A brief history of passwords and their future, with Christelle André Pons, cyber security consultant at Sogeti.
The use of specific words to establish credentials goes back a long way. Two centuries B.C.E., Roman army sentries were already using “summons words” (question) and “passwords” (answer), written on wooden tablets, to secure a perimeter. In the early 18th century, the famous “Open Sesame” in Ali Baba and the Forty Thieves introduced the idea, which persists to this day, of a “magic phrase” protecting a secret place and the treasure it holds.
The principle did however not take hold worldwide until the 20th century, with the advent of digital technology. Fernando Corbató, an engineer at MIT, was the first to use a password-based system to access a computer in 1961. Within a few years of their introduction, bank cards became widespread and in 1972 Lloyds Bank in Britain became the first to add a PIN (Personal Identification Number) to bank cards. A simple four-digit code became the universal key for consumers to use their money. But it was obviously the spread of personal computers in the 1980s, followed by the democratisation of the Internet in the 2000s, that led to an explosion in the use of passwords.
In fact, there are so many of them today that you now need dedicated applications – Dashlane, 1Password, LastPass or others – to manage them. In 2015, Dashlane found that the average user has 90 accounts and online credentials, and in 2017, LastPass found that the average employee manages… 191 passwords.