The History and Future of Passwords
The inception of passwords in the 1960s changed the digital world as we know it. Passwords are now an unconscious standard practice in the lives of most, and from your first pet to the street you grew up on, they are deeply ingrained in our minds.
The first passwords introduced the concept of authentication to cybersecurity, or the ability to prove one's identity through a passcode, PIN, security question, or other secret means of identification. But passwords are not secure, and never have been—almost immediately after passwords were invented, the first breach occurred. The history of passwords has been a strange, inconvenient journey, but one that has led us to much better authentication solutions.
Fernando Corbató first presented the idea of passwords at MIT in 1960, without any idea of the huge societal and security impact it would have. At the time, the Compatible Time-Sharing System (CTSS) had recently been developed and was available for research use, but lacked a way to secure private files by user. Enter the password.
For years, the password was something only used in research and academic circles, without any major real-world applications, but as computers became more accessible, hackers attacking operating systems became more prolific, frequent, and targeted. When computers began to make their way into homes and offices, the true weakness of passwords was discovered.. Even Beyond Identity founder, Jim Clark, recognized his role in making the password a commonplace form of authentication.
But there is good news on the horizon: what was originally considered a pitfall of owning a device is now something we can fight back against with passwordless technology.
Since the early years of passwords, we have seen many transformations in digital identity and authentication, but some things, unfortunately, remain the same. In 2020, the Verizon DBIR reported that over 80% of data breaches involved the use of lost or stolen credentials, further proving that passwords are just as insecure as they were in the 1960s.
But we are no longer relegated to the CTSS or insecure authentication methods, and that’s where Beyond Identity comes in. Rather than trying to enhance password security or add additional factors or security questions, we eliminate the insecure factor altogether—passwords.
Check out an in-depth timeline of the history of passwords.