Are passwords a bad idea in general?

[CM30]

Now I'm not sure what to replace them with (maybe some kind of automatic verification system based on a USB style device or something like what they do for extremely high level in security in some real world government agencies), but the whole concept of a password is kind of broken in this day and age and I'm not sure it's a good idea.

For example, as much as people blame 'idiots' for reusing the same password, I'm not sure I can really blame them. Think of it. You seemingly need to either remember about ten or twenty different long, complicated passwords for each site, or write it down to have a hope in hell of not using the same weak password for every site. It really does seem like it's a huge hassle for a lot of people this whole security crap. And don't recommend password managers, you shouldn't need to use a third party tool for things this basic, right?

I'm honestly wondering whether we should just a find better security system/solution in general than passwords and what it might be.

 

[Brandon]

I don't see how passwords could be removed from the web, I do see lots of 2 step verification setups going around. Google has that option on all their apps, it'll send you a text when you go to login. You have to have your phone or a sms phone that you can accept text though.

 

[Dan Hutter]

I had the two step authenication setup on Facebook over the winter. We had a bad storms that knocked out the cells in my area. No Facebook I wasn't a happy camper, lol. I turned that crap off.

 

[Cerberus]

I saw someone mention the idea of using HWID instead of passwords. Which is not a bad idea. I think it would work fairly well. It would take some doing to spoof it. Not saying its not possible, but it could be a decent alternative.

 

[Brandon]

I saw someone mention the idea of using HWID instead of passwords. Which is not a bad idea. I think it would work fairly well. It would take some doing to spoof it. Not saying its not possible, but it could be a decent alternative.

Hardware ID's?

 

[cpvr]

I had the two step authenication setup on Facebook over the winter. We had a bad storms that knocked out the cells in my area. No Facebook I wasn't a happy camper, lol. I turned that crap off.

That and I have two step on my Google account. I love it.

 

[Brandon]

That and I have two step on my Google account. I love it.

I liked it for a while but it can get annoying if you have to log into new apps from your phone.

 

[thenextGeek]

The one with the usb is pretty sweet. Although what would happen if you lose your usb? Its not like you can automatically get a replacement right?

 

[thenextGeek]

Double post sorry. Anyways, I'll just provide another reply so that the space will be worth it.

I'm not familiar with HDIDS. Would someone care to explain it to me? I'm really sorry for being a noob regarding that. I also agree that using the same old passwords again and again for every website somehow poses a risk to the safety if your account but what can we do about it? Its really hard to memorize different passwords for different kinds of sites.

 

[Jessi]

I really don't know what they could be replaced by that would be any more secure. I don't mind having to remember passwords if it helps keep other people out of my accounts. The USB idea is neat, but I would be so afraid of losing it, too.

 

[cpvr]

I liked it for a while but it can get annoying if you have to log into new apps from your phone.

Ya, it is annoying. A few times in the past "Your password is wrong", its right, I know it is. So, I just reset it again. I'm also glad how Namecheap has security features that sends you an email if an IP has logged into your account. Same with yours, it'll send you one regardless.