Unlocking Devices
Consumers should use a 4-6 word DiceWare passphrase to unlock their phones, tablets, and desktop computers. This strong passphrase should be memorized or written down and securely stored. DiceWare is considered a rock-solid technology, but hasn’t yet found popular acceptance. As a consumer product development practice, Loistava doesn't make technology. Loistava makes technology popular. Our next product is an updated, physical, modern version of DiceWare designed for wide distribution.
Logging In To Online Accounts
The era of memorizing passwords in bulk to log in to online accounts is over. We are now squarely in the era of the Password Manager, an elegant and amazingly effective solution. Consumers should use a high-quality Password Manager, either built-in to their browser or a standalone application. Password Managers create long, truly complex passwords composed of random characters that look like r8:W3=7uU0VpcS; impossible to remember but — that's the point. Consumers should use a DiceWare passphrase as their master password for their Password Manager. Correctly using a high-quality Password Manager means ordinary consumers are:
Using a Password Manager also massively shortens the length of the interruption in the consumer’s “flow” as they use a website.
By locking their devices when they walk away from them, and correctly using a Password Manager, consumers don't even need to know what their passwords are. Typical users can eliminate 95% of the pain of passwords. Right Now. Today. Not sometime in the future. This is our current reality.
Paper Password Storage
As attractive as this solution is, some consumers don’t trust Password Managers, or simply don’t want to use them. Their best bet is to write their passwords down and securely store them. Some consumers will use a combination of techniques, writing down and securely storing passwords for their most sensitive accounts, and using a Password Manager for their other online accounts.
Although perfect bound books are used most frequently for paper password storage, we’re developing a compact, multi-ring binder which provides a separate page for each online account. This approach provides users with greater flexibility to add or remove pages and to alphabetize or otherwise sort their password pages.
Multi Factor Authentication (MFA)
Consumers should enable MFA on every online account which offers it. MFA isn’t perfect, especially “legacy MFA” systems which use SMS text messages to deliver security codes to consumers. But even “legacy MFA” is better than none at all, and consumers are familiar with it. MFA which uses physical security keys is the best solution currently available.
People Using Passwords With Computers began at scale in 1961. Within weeks the policy change at the Massachusetts Institute of Technology (MIT) went sideways, with users writing their passwords on small pieces of paper and leaving them at their workstations, or sharing passwords with their coworkers. Within 18 months the entire list of passwords was compromised. Over the decades since then, the very highest-level thinking about passwords has changed radically. People Using Passwords With Computers has been replaced with Computers Using Passwords With Computers, While A Human Looks On.
Anthony Collette is a Senior Consent Form Editor at the largest Institutional Review Board (IRB) in the United States. This regulatory agency has reviewed over 1,000 COVID-19 research studies, conducted at more than 12,000 locations. Mr. Collette analyzes complex medical documents, synthesizes the central concepts, and translates technical jargon into relatable language directed to the non-technical research participant. These skills transfer perfectly to the task of analyzing and understanding the conflicting and often outdated advice given about passwords, stripping away what’s unnecessary, and getting down to the actionable core of the issues. https://www.linkedin.com/in/tonycollette/
Trever Garrison has 20+ years of experience sourcing, designing and developing exclusive consumer products for national retailers Dillards, JCPenney, Chico’s, Nordstrom, and Sur La Table. Often these private-label brands and products generated more revenue and exceeded goals and expectations of national and designer-branded product. Currently Trever serves as a Merchandise Development Manager at Pokémon Center. https://www.linkedin.com/in/trever-garrison-69361112/
Copyright © 2020 - 2023 Loistava, LLC - All Rights Reserved.
Powered by GoDaddy