Mat Honan:
Your email. Your bank account. Your address and credit card number. Photos of your kids or, worse, of yourself, naked. The precise location where you’re sitting right now as you read these words. Since the dawn of the information age, we’ve bought into the idea that a password, so long as it’s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that’s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker—or someone who takes you for one.
Bingo. Social engineering is far more effective than brute force. Who cares how many weird character combinations your passwords contain when people are charged with their safekeeping? Just ask Honan - he was hacked this summer. The traditional username and password is a paradigm that must evolve.