When I write at home, I work on a desktop computer with bells and whistles. I use single sign-on software to eliminate my need to remember passwords. When I am away, I use my Chromebook, which uses Google to save user identification and passwords. Unfortunately, however, I have encountered frequent hiccups with passwords or identity out-of-synch events. On this vacation, it happened with my annoying credit card. Yesterday, it happened again when trying to deal with our airline flight home requirements.
I know that online identification and passwords are there to stop cybercriminals. Today, more companies require two-factor identification. In the last month alone, I think I have been asked more than a dozen times to check my mobile phone for a text message containing a unique string of numbers that I then have to type in to prove I am me.
My phone has a fingerprint and facial recognition ID. The facial recognition doesn’t work in low-light conditions, and the fingerprint has never worked. Instead, I type in a personal identification number or PIN more often than not to get my mobile online presence started.
Stuck in a Password Godless AI World
I could blame my increasing frustration on old age. I am 77. There is more to this, however, than my senescence. A February 23, 2026, article in The Register, a British tech newsletter that appears regularly in my inbox, describes the growing password challenge.
Did you know that passwords were first used in 1961? Since MIT introduced them, Rupert Goodwins writes, “We are now stuck with this godless world. Passwords have hit retirement age, yet show no signs of going away, voluntarily or forcibly. They are, unhappily, getting worse at their job.”
Why is that? Escalating cyber threats is the common refrain of computer geeks. They describe artificial intelligence (AI) as the latest threat. It is no longer just human cybercriminals doing the phishing, stealing online credentials, and compromising machine identities.
Today, online access to your financial information, business dealings, health records, and more comes with layered defences like multi-factor authentication (MFA) and anomaly detection. One of the reasons I looked for a universal single sign-on (SSO) application for my desktop computing system was to avoid the hassle of repeatedly having to remember my passwords for the innumerable apps I have accumulated over the past 40 years.
Former Password Alternatives
Dongles
I remember in my working life being introduced to the security dongle. These small pieces of hardware were similar to the streaming devices used for television today to access Netflix, Prime, Britbox and AppleTV. The dongle plugs into a computer USB port. It contains software bearing a unique ID or encrypted data and with the user responding to several identification and validation requests. Dongles are like house keys but harder to copy. The downside to them is if you forget to keep it with you, you are blocked, whether working on site or at home.
SSO
That’s why SSO is more attractive to the average user seeking a level of security that bypasses the multiple layers of security defences we face today just to access online banking and other common activities.
When I started using SSO, I thought my userID and password issues would vanish. They have not. Why? If an SSO gets breached, it is even less secure than the multiple identifiers and passwords you may have written down on Post-It notes stuck to your desk or computer screen. Instead of one breach, you create a massive single point of failure, giving cybercriminals access to everything in your online identity.
Digital Sovereignty and Other Challenges
Goodwins writes about the most recent “new wrinkles” in password security. He describes them as “too-clever-by-half.” The goal is to create invulnerability with AIs now being used to generate strong passwords. Goodwins says they may look “invulnerable to compromise,” but “are less than perfect after all.”
Digital sovereignty is a growing issue in the Trumpian world, with Microsoft, Apple and Google, all American companies, providing most of the online services we rely on today. Goodwins asks what if these American companies withdraw access to their services on the behest of the President? Annoying Trump could see all your passwords and access vanish.
The Future of Passwords and Online Security ID
Then there is the question of establishing a single security standard for SSO. Companies like Google, Microsoft and Apple profit from proprietary systems even for SSO. They don’t want a universal standard that infringes on profits.
It will get worse before it gets better states Goodwins. AI will ensure the former. He argues that using AI to generate passwords means introducing “a global orgy of info-swapping among the robots, without a single silicon condom in sight.” Goodwins advises not to use it rather than share your digital presence “with a universe of mischievous djinn.” If you don’t understand the reference, Goodwins suggests you watch the Sorcerer’s Apprentice, a scene in Disney’s movie, Fantasia, as a refresher.
Today’s two-factor identification is an attempt to overcome the weaknesses of current password-based online security. Using two-factor means the perpetuation of older security identifiers like the PIN. It still works when backed up by three-strike security lockouts. What’s obvious to me, however, after this last week’s online challenges, is that nobody I ended up talking to asked me for my PINs. So, clearly, many working in banking and the airline industry no longer see PINs as reliable.
Meanwhile, a fingerprint sensor on your mobile device is not easily duplicated without purchasing an extra device to plug in. And facial recognition doesn’t easily transfer from a mobile phone to a desk or laptop. In addition, facial recognition faces numerous hurdles. It is skin-tone biased, recognizing lighter complexions than darker. It works better with men than women, younger than older. It performs poorly in low lighting or if the face it is viewing is on an angle. And finally, AI can be used to generate a 3D mask that fools the best facial recognition systems available today.
What’s The Solution?
Goodwins states, “passwords are broken.” He advises that security specialists need “to sit in a room for a month and fix it.” That shouldn’t involve using an AI band-aid, but rather requires agreement on creating a universal standard. In the meantime, I continue to use my SSO at home and Google when I travel and feel the frustration that comes when these security ID systems break.
