Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Oliver Berg/picture alliance via Getty Images

No one likes passwords as a standalone tool to authenticate users. Since 2012, many groups have moved to "kill the password," using that phrase specifically. Yet we'll end the year of 2019 as password-dependent as always.

The big picture: The adage goes that there are three ways to authenticate users: asking them for a thing they know (like a password), a thing they have (like a house key) or a thing they are (like a fingerprint scan).

  • "A thing you know" is the only one of these a hacker can guess.

Everyone wants to kill the password. Google wants to kill the password. Microsoft wants to kill the password. The National Cyber Security Alliance wants to kill the password. Yahoo wanted to kill the password in 2015. Cellphone companies tried to kill it in 2014.

"Passwords won’t even be mostly dead anytime soon, because the fatality won’t spread to legacy applications that are too expensive to retrofit," said Wendy Nather, head advisory chief information security officer of Duo Security, a Cisco-owned company that specializes in bolstering login security.

The intrigue: There are other options than passwords for consumer-friendly security.

  • A widely supported passwordless encryption protocol called WebAuthn is the most recent attempt to codify a global standard.
  • Microsoft, and others, offer apps that use cellphones to authenticate.
  • Google and Facebook allow users to login once on their services and log into other sites based on their go-ahead.

But, but, but: Users have a tendency to assume that authentication systems that are easier to use are less secure — that, somehow, the amount of effort it takes the user to do something is indicative of how difficult it would be for a hacker to break in.

  • The Facebook breach shows some of the dangers of using a website with multiple moving parts as a centralized clearinghouse of user authentication.
  • And, in general, for the security savvy consumer, it's always safer to use multifactor authentication — say, a thing you have plus a password or a biometric plus a password.

Editor's note: Wendy Nather is the sister of David Nather, managing editor at Axios.

Go deeper

2 hours ago - Health

Fauci: COVID vaccine rollout needs to prioritize people of color

Anthony Fauci. Photo: Alex Wong via Getty Images

Infectious disease expert Anthony Fauci highlighted the need to address racial disparities in the COVID-19 vaccination process, per an interview with The New England Journal of Medicine on Wednesday.

What he’s saying: "I think that's the one thing we really got to be careful of. We don't want in the beginning ... most of the people who are getting it are otherwise, well, middle-class white people."

The Mischief Makers

Illustration: Sarah Grillo/Axios

Several Republican and Democratic lawmakers are emerging as troublemakers within their parties and political thorns for their leadership.

Why it matters: We're calling this group "The Mischief Makers" — members who threaten to upend party unity — the theme eclipsing Washington at the moment — and potentially jeopardize the Democrats' or Republicans' position heading into the 2022 midterms.

3 hours ago - Politics & Policy

Obama speechwriter fears Biden unity drive is one-sided

Cody Keenan (right) is shown heading to Marine One in December 2009. Photo: Mandel Ngan/AFP via Getty Images

President Obama's former speechwriter says he's "preemptively frustrated" with President Biden's effort to find unity with Republicans.

What they're saying: Cody Keenan told Axios that Biden's messaging team has "struck all the right chords," but at some point "they're gonna have to answer questions like, 'Why didn't you achieve unity?' when there's an entire political party that's already acting to stop it."