Passwords, oh my!

I just spent 15 minutes trying to log to blogger.com after a two month hiatus. Even though I had actually written my user name and my password in a note book, I just could not seem to get it right, even if it meant copying what I had actually wrote. How embarrassing! I have no explanation for it, except general sloppiness in the handwriting.

I had dutifully followed the advice of several technology columnists on how to choose the right password. I make them long, with a combination of upper and lower cases, numbers, and so on! Plus I write part of them in French, hah! hoping to fool the linguistically-challenged crackers. Anyway, I gave up, chose to change password, and produced another long, upper and lower case, blah blah blah, fantastic password. Of course, I also had to remember my email account password (I use a yahoo account just for the blog.)

I still remember why I wanted to "blog" today. I read today on wired.com that Microsoft will start selling next month a new product, a keyboard, or a mouse, equipped with a fingerprint reader! I followed the link provided in the article and listened to the perky product presentation on the Microsoft site. No more passwords! We would just need to place our finger on the reader each time we are prompted to enter a user name or a password.

What I find bizarre is that the fingerprints will be a way to identify the user, but also to authenticate this identity, since they "replace" user names and passwords. I am not sure this is such a great idea, security-wise.

Also, finger prints may not infallible. I had read in the Wall Street Journal (Despite Its Reputation, Fingerprint Evidence Isn't Really Infallible, June 4, 2004) an opinion by Michael Saks, Professor of Law at Arizona State University. According to Professor Saks, it is not possible to prove that two fingerprints are indeed unique.