Rage Against The Machine: Are Passwords Driving Us Mad?


There is little doubt that we’re becoming increasingly frustrated with the sheer number of passwords we have to remember every day. According to a Centrify survey last year looking at digital identities, over a quarter of the respondents said they enter a password online more than 10 times a day, which is potentially 3,500 to 4,000 times a year. It is no surprise our frustrations are getting the better of us.

IT security professionals attending Europe’s premier security event, Infosecurity Europe, in London, echoed this back in June. When asked if they were suffering from so-called ‘password rage’, a third admitted that they are sometimes driven to crying, screaming and swearing. It is unlikely to be an exaggeration either – if anything, we are probably underestimating the scale of the problem.

When we announced the results publicly it certainly caught everyone’s imagination, from radio talk shows to TV programmes. Comparative to road rage and air rage, password rage is all the rage.

In our Infosec Europe poll, a quarter admitted they forget their password at least once a day and 5% said they can never remember their password. It’s interesting that 22% of those who took part said they never forget their passwords. Security professionals might be an exception to the rule. Had we taken this survey onto the streets of London, for example, the figure would have been much higher.

The problems do not stop there. Apparently the rest of the office (or household depending on where your password failings manifest themselves) is also likely to suffer from our password frustrations.

One in six of us admit to screaming or shouting in the office if we forget our password, and one in seven moan at work colleagues. Some even admit to running off and slamming the door, and even banging their head on the desk. Surprisingly only 2% are likely to disappear off to the pub.

Surely it hasn’t come to this? But yes it seems it has. As if we don’t have enough frustrations in our lives, passwords are an added irritant. The problem is they’re also an essential part of what we need in order to do our jobs and live our lives, whether it’s accessing online services and applications at work or shopping, banking and social media accounts in our personal lives.

As we’ve said before, the password, while a modern day problem, is actually an ancient form of security. The combination of username and password is the most common form of authentication, but it’s also the most insecure.

Passwords are no longer fit for purpose – we have too many of them, we tend to use the same ones time and time again and we don’t change them often enough. Even when we do make them hard to remember (the cause of our password rage surely?) there is someone out there ready to crack them.

The rules have changed and the technology needs to change with it. As businesses continue to adopt cloud applications and systems, identity is fast becoming the new perimeter. Protecting identities is crucial for the way we do business today, which means no longer relying on passwords, but focusing on securing our identity as individuals.

Barry Scott

Barry Scott is CTO EMEA at Centrify.