Password Hell: Is Gen Z Our Canary In The Digital Coal Mine?
Folks, we need to talk about passwords. And data. And the absolute circus that is our digital lives these days. But most importantly, we need to talk about Gen Z, because they might just be our canary in this digital coal mine we've built for ourselves.
Remember when you just had to remember your best friend's phone number? Those were the days. Now we're expected to conjure up an ever-expanding universe of passwords that would make a cryptographer's head spin: uppercase, lowercase, numbers, symbols, your first pet's zodiac sign, and probably a blood sacrifice too.
Don't believe me? Let's look at what the experts are saying. Lorrie Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University, puts it brilliantly: "The problem with password requirements is that they make passwords harder for humans to remember but they don't necessarily make them harder for computers to guess."
Amen, Lorrie. We're jumping through hoops, and for what? So we can forget our passwords and lock ourselves out of our own accounts? It's like we're all contestants in some sadistic game show where the prize is just being able to check our email.
But wait, it gets better. Let's say you've finally remembered your password and logged in. Congrats! Now you just have to verify your identity. Again. And again. And maybe one more time, Dante’s circle of password hell.
Troy Hunt, the cybersecurity guru behind "Have I Been Pwned," recently tweeted about this exact nightmare: "Just spent 20 mins on the phone to my bank. 3 transfers, repeated identity verification each time, all to do something I could have easily done online if their system wasn't down. We need better ways of managing identity and security."
Troy’s got it right. It's like we're all Bill Murray in "Groundhog Day," doomed to repeat the same identity verification over and over. Except it's not funny, and Sonny and Cher aren't playing.
Now, here's where Gen Z comes in. These digital natives, born into a world where "online" is just... life, are looking at all this and saying, "Nah, we're good."
Neil Sahota, a United Nations Artificial Intelligence Advisor, writes in Forbes, “We already live in a world where people are used to sharing everything online. Young millennials and Generation Z fall victim to them the most of any generation because they’re used to giving information away. Data security is still paramount, but the strong belief for data privacy is pretty much dead.”
Wait, what? They're just... okay with it? At first glance, it sounds like they're throwing in the towel. But maybe, just maybe, they're onto something. They've grown up in a world where every click, every like, every embarrassing dance video is part of their digital footprint. They know the score.
But here's the million-dollar question: Is this acceptance a sign of defeat, or is it the first step toward a new way of thinking about digital identity?
Because let's face it, the current system isn't working. We're drowning in passwords, drowning in security questions, and for what? So companies can harvest our data like we're some kind of digital crop?
Dr. Larry Ponemon of the Ponemon Institute, writing in Security Magazine, drops this sobering stat: The average business user has to keep track of 191 passwords. That's not security, that's a full-time job.
And it's not just about the hassle. All this data we're forced to cough up in the name of "security" -- our names, addresses, social security numbers, mother's maiden name, favorite color of our imaginary pet unicorn -- it's all just sitting there. Waiting. Like a ticking time bomb of identity theft.
So what's the solution? Two-factor authentication? Biometrics? A return to carrier pigeons and secret handshakes?
Well, biometrics sounds great until you realize its inherent dangers. "I want to address a common misconception," iProov founder and CEO Andrew Bud told Dark Reading, "which is that somehow a biometric is like a password and, therefore, like a password, if it were stolen or compromised, then it would become worthless. That is a fundamental conceptual error because a biometric -- like a face -- is not a secret."
Great. So we can't remember our passwords, and we can't change our fingerprints. Fantastic.
Maybe Gen Z has the right idea. Maybe the first step is acknowledging that perfect privacy in a digital world is about as realistic as me winning an Olympic gold in synchronized swimming.
But that doesn't mean we roll over and play dead. Instead of chasing the impossible dream of perfect security, maybe we need to start thinking like Gen Z. Be smart about what we share. Understand the value of our data. And most importantly, demand better from the companies that are so eager to gobble up every scrap of information about us.
Because in this brave new digital world, our data isn't just ones and zeros. It's us. Our likes, our dislikes, our habits, our lives. And shouldn't we have a say in who gets to know us?
So here's my challenge to you, whether you're a boomer longing for the days of rotary phones or a Gen Z-er who can't remember a world without WiFi: Let's stop playing this rigged game. Let's demand better. Let's create a digital world where we're not constantly jumping through hoops just to prove we are who we say we are.
Because if we don't, we might wake up one day and realize that in our quest for digital security, we've locked ourselves out of our own lives. And trust me, no password reset is going to fix that.