2
0
MasterPassword/why.html
Maarten Billemont a710dd6f91 Improve linking.
2018-04-21 11:42:24 -04:00

108 lines
6.6 KiB
HTML

---
nav: Why
title: Why do I need it?
order: 1
layout: default
---
<section id="intro">
<h1>{{ page.title }}</h1>
<h2><img src="{% link img/frustrated_625996.svg %}" title="https://thenounproject.com/term/professor/625996/" />
Passwords are frustrating.</h2>
<p>We all struggle so hard, trying to keep our accounts secure.</p>
<p>But we're admittedly terrible at it, and what's more, we really don't <i>want</i> to have to bother with it.</p>
<hr>
<p>There's a lot of noise about passwords lately. Accounts of popular people and friends alike getting hacked. Huge data leaks have become common news. And every time we're reminded of our need to be good virtual citizens &mdash; <q>keep good passwords</q>, <q>use unique passwords for every site</q>, <q>nothing predictable or simple</q>. How do we keep up?<br>And even more importantly so, how do we keep safe without sacrificing our freedom for that safety?</p>
<p>Do you really <i>have</i> passwords?<br>
Or does something or someone else <i>have</i> them for you?</p>
<div class="widget_gallery">
<h2>Where do <i>you</i> keep your passwords?</h2>
<ul>
<li><label for="mp_keep_head"><img src="{% link img/password_head_336886.svg %}" title="https://thenounproject.com/term/password/336886/"></label></li>
<li><label for="mp_keep_notebook"><img src="{% link img/password_notebook_4740.svg %}" title="https://thenounproject.com/term/password/4740/"></label></li>
<li><label for="mp_keep_app"><img src="{% link img/password_app_667404.svg %}" title="https://thenounproject.com/term/password/667404/"></label></li>
</ul>
<input type="radio" name="mp_keep" checked>
<div>
<p>Go ahead, select the box that represents your current approach to passwords.</p>
<p>Let's consider a few important questions you may be asking yourself.</p>
</div>
<input type="radio" name="mp_keep" id="mp_keep_notebook">
<div>
<h2><img src="{% link img/password_notebook_4740.svg %}" title="https://thenounproject.com/term/password/4740/">
The password notebook.</h2>
<p>Have you considered?
<ul>
<li>What you'll do if you don't have your book with you?</li>
<li>What if it's found by people you cannot trust?</li>
<li>How easy it is to take a picture of the pages while you're not there?</li>
<li>What might happen if the book is damaged (eg. coffee spill), lost or stolen?</li>
<li>How often do you find yourself copying passwords out onto other notes?</li>
<li>Do you keep a backup notebook?</li>
<li>Are these actually strong passwords?</li>
</ul>
</p>
</div>
<input type="radio" name="mp_keep" id="mp_keep_app">
<div>
<h2><img src="{% link img/password_app_667404.svg %}" title="https://thenounproject.com/term/password/667404/">
The vault in an app.</h2>
<p>Have you considered?
<ul>
<li>Can you still use a computer that doesn't have your app set up?</li>
<li>Are your passwords synced over to your many other devices?</li>
<li>What companies now have access to all of your secret information?</li>
<li>Do you need to be worried about news of a large hack on this company?</li>
<li>What will you do if you lose your device, or don't have access to it?</li>
<li>Are you well protected if a virus or person copies your vault?</li>
<li>On a trip, could a foreign officer confiscate your device and compel you to unlock it for them?</li>
<li>Are these actually strong passwords?</li>
</ul>
</p>
</div>
<input type="radio" name="mp_keep" id="mp_keep_head">
<div>
<h2><img src="{% link img/password_head_336886.svg %}" title="https://thenounproject.com/term/password/336886/">
The privacy of memory.</h2>
<p>Have you considered?
<ul>
<li>You might forget passwords you haven't used for several months or years?</li>
<li>Do you use shared passwords across different accounts, thereby hugely increasing the attack surface of these passwords?</li>
<li>Are each of your passwords sufficiently random or variations of a theme?</li>
<li>If someone tricked you into signing up for a fake site, could the password you gave help them get into your other sites?</li>
<li>Do you find yourself using helpers such as sticky notes?</li>
<li>Do you have a backup plan in case your memory gives out?</li>
<li>Are these actually strong passwords?</li>
</ul>
</p>
</div>
</div>
<h2><img src="{% link img/head_key_336882.svg %}" title="https://thenounproject.com/term/password/336882/" />
A password is something you know,<br>
not something you have.</h2>
<p>You walk up to the entrance of an invite-only night club.<br>
At the entrance, a large man, thick leather vest, stops you in your tracks. <q>Password, please?</q></p>
<hr>
<p>Passwords are secrets which we are expected to remember. Writing passwords down is highly frowned upon &mdash; and rightly so. The secret leaves your head and is out in the open. It's like confiding in your friend, and then she goes and puts it in her diary, which anyone could find.</p>
<p>Things we <i>have</i> &mdash; car keys, a badge, the garage remote &mdash; are things we can lose or get stolen. We need to keep them safe, protected and always on-hand. This is a real hassle, and we don't want that headache for our dozens of passwords.<br>
Things we <i>know</i> are things we can keep secret, they are locked away safely in our head where none can get to them.</p>
<p>And yet, we are now expected by websites everywhere, to make and remember secret passwords for each of them, while also making them non-personal and unique? This is intolerable. No wonder many of us defect and write our passwords down wherever we can &mdash; often in the form of digital notes or password "vaults".</p>
<p>But this is a panicked reaction to a problem we simply don't know how to handle:<br>
<b>The problem of passwords for everything</b>.</p>
<h2><img src="{% link img/thumb-iphone-broken.png %}"></h2>
</section>