While some organizations such as Google and Microsoft want to kill off passwords, it’s not an easy task considering that it’s a traditional form of authentication used heavily by almost all online services. Back in 2016, the National Cyber Security Centre (NCSC) – which is a UK Government organization that provides guidance on cybersecurity – pushed people to choose a combination of three random words as their password when signing up online instead of thinking up or reusing a complex password. The topic sparked quite a debate, and now, the organization has shed more light on why it gave this advice.
The NCSC has highlighted that most websites enforce the use of complex passwords which usually includes a combination of multiple characters and symbols. This counter-intuitively makes the job of malicious actors easier too since they can use these rules to optimize brute force attacks. It also means that people reuse the same password or variations of it across multiple websites because it’s tedious to create and remember numerous…