Two ways of Declaring Death of Password while Relying on Password
I posted “Truly Killed or Just Hidden from Sight ? “ a few days ago on a Wired report titled “Apple Just Killed the Password — for Real This Time”- https://www.linkedin.com/posts/hitoshikokumai_apple-just-killed-the-passwordfor-real-this-activity-6940204678047481856-Aqcn
I mentioned “Just Hidden from Sight?” in there; we know there are at least two ways to claim that the password is declared to have been killed while the password actually stays alive, just hidden from our sight.
1. Look away from the presence of ‘default/fallback password’
Biometrics needs a fallback measure against false rejection that no biometrics can escape due to its inherent probabilistic nature. A password registered as the fallback measure is not used when the user is not falsely rejected. It is supposed to be used only occasionally when the user is falsely rejected.
It wouldn’t be so a big surprise if some people alleged that they killed the password by looking away from the presence of a default/fallback password.
2. Kill ‘password’ by replacing it with ‘pincode’
By our criteria, a pincode is no more than a numbers-only weak password. So, trying to replace a password with a pincode is no different to trying to replace a knife with a paper knife.
Apparently, those people have a different lexicon.
In the above two cases, we would not have to bother too much. It might well be a matter of LOL.
However, should they have truly killed/ditched/eliminated/removed the password (secret credential) altogether, we have to be horrified; we are facing a very grave consequence of not just security but also democracy being seriously threatened.
Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/