On the Origins of the Password
The torches flicker in the gentle evening breeze. Your band of travelers shuffles onward, weary from the day’s long travel. Ahead you glimpse a shining light, brighter than the torches that line the road – the town gates. You pass the message around among your brethren, a word on whispered wings: solitude is almost at hand. With renewed vigor, your group tromps forward, eager for a soft bed and a warm meal.
Not long after the moon had finished its unyielding climb, you arrive at the gate – dust tickling your throats and exhausting clawing at your back. If you got out of this nightmarish cold in the next moment, it would still be too long a wait. You are halted by a pair of guards, stalwart and immovable, who cross their pikes in front of the gate, barring your way. You see the stern, steely eyes of a man on edge stare back at you from the shallow depths of a helm – a shiver that has nothing to do with the night air creeps throughout your body.
“The Watchword?” he asks, unblinking still. The question triggers a memory – the password that you were given to ensure safe passage. “Antediluvian,” you respond relaxing in the security of the word.
The guard nods, curtly, and both pikes silently retreat – safety awaits as you and your kin walk slowly onward.
Passwords are ancient. The practice of demanding proof of identity in exchange for something of value – be it peace, information, or passage to safe haven – has been around far longer than anyone often cares to think. When you think of the origins of the password, you might think of the first days of computing, the first edition of a video game save, or maybe even dusty old cryptography methods from days only recently past. We often forget – secrets are nothing new. Why, then, should the desire to protect those secrets be seen as a modern innovation? Let us take a look at the possible origins of password security, then, and the various forms they have taken throughout the years.
Digital Password Security
A modern password is just another extension of digital cryptography – one factor in password security that protects the door to personal, corporate or otherwise private information. That’s where the journey to understanding the origins of the password begins – with cryptography.
The password, as I’ve stated, is just another layer of that – a code that grants access to information, much like a cipher can be
decrypted to reveal a legitimate message.
Of course, there are always those who will stop at nothing to bypass password security, and that is why cryptography and the password are still staples of secret-keeping today – secrets are still worth protecting.
There is an interesting article on Authentication Best Practices – A Brief History of Security that discusses this idea in a lot more detail – feel free to check it out. The major point is that the data breach culture of today is nothing new. Really, it is a much older phenomenon that has recently been thrown into the spotlight. Secrets were designed to protect something and value is not a modern concept.
Modern cryptographic methods are verbose – there are as many ways to encrypt data as there are to represent that same data – those are the perks of the digital world. The top-shelf players in the cryptography market today are the Secure Hash Algorithm family (SHA), Triple Data Encryption Standard algorithm (DES), RSA and the Advanced Encryption Standard (AES) used by the U.S. Government.
All of these methods bring up another important question – where did the idea for modern cryptography and password security come from? It might seem like a sophisticated and mathematically complicated notion, but that brings us to our next stop in the trip to determine the origins of the password.
Ciphers and the Sophistication of Secret-Keeping
Quick, what is a cipher?
I’m willing to bet that you knew the answer to that right off of the top of your head – to some degree, anyway. Hollywood has shown us so many variations of the cipher that it isn’t something that the average person is unfamiliar with.
The thing is, ciphers come in many forms, and that is part of what makes the culture of cryptography and password security so robust today. One day, a previously ‘unbeatable’ cipher would be cracked, and a new one would be developed that was more complicated and verbose, and the cycle continued all the way up into the modern age. That is the way these things work.
Talk of ciphers typically brings to mind ages of spy craft and warfare, or to the more curious, perhaps even notions of secret societies (I’m sure you’ve read the Dan Brown novels or seen the National Treasure films).
There are many instances of ciphers being used to protect secrets, below are a few of my favorites:
- Julius Caesar uses a Substitution Cipher to Transmit Messages Securely
- The life of Mary Queen of Scotts hangs on the strength of her Cipher
- The Creation of the Vignere Cipher
- Arab Scholars Crack the Monoalphabetic substitution cipher using frequency analysis after centuries of its security.
What do all of these historical instances have in common, aside from their use of cryptography? What do they have to do with password security?
They represent a consistency in the interest of secret-keeping and the importance of having a strong key – a strong password. Following these historical references back is simple – the records bring us to the exact moments in time when each representation of secret keeping was important and why, and they give us a glimpse at the footprint that shows us the very beginnings of modern day password security.
Ancestors and the Eldritch Past
There is some debate about how far back various forms of encryption actually go.
That being said – there have been documented instances of cryptography as far back as ancient Hebrew cultures, and even the Spartans had their own cipher for encoded messages and the like. The point is: ciphers have been around for a very long time.
The most ancient instance of ciphers and encryption of a sort, however, is thought to be found in the form of hieroglyphs carved in the tomb of Khnumhotep II – roughly around the time of 1900 BC. To put that into perspective for some of our mathematically deterred individuals (myself included – math hates me) that’s almost 4,000 years ago.
Four Thousand Years Ago.
There has been some disagreement on whether or not these hieroglyphs are a valid form of cryptography, as they seem to be intended primarily to instill a sense of mystery or confusion – but I see this as a very early form of the ideas behind cryptographic reasoning. In this case, password security is transformed into a simple knowledge of proper language – certain symbols and communications are valid, and some are not. To those in the know, the information is clear and legible. To those without the proper knowledge – obscurity covers the truth.
That is the most basic form of passwords and cryptography that I can think of. It is similar to a made-up language that only yourself and select others can understand and communicate in – or even using something like Klingon to communicate: only those in the know are able to decipher the secrets within your communications.
Regardless of the debate on the 1900 BC hieroglyphs, the Ancient Egyptians also provided us with the Rosetta Stone (created in 196 BC)– a veritable goldmine of information and value for translation and understanding the ancient past.
It is also one of the oldest versions of a password that we know of.
The Rosetta Stone was written in the three primary scripts of the time – Hieroglyphics, Demotic and Greek. In this way, the Stone allows a reader to translate characters from a modernly understood language (Greek) into a more ancient, once-lost form of communication (hieroglyphics). The Rosetta stone provided a literally password into the vault that contained the secrets to deciphering one of the worlds most ancient texts – the stories of the Egyptian Pharaohs and their ilk.
If we track the origins of the passwords back through time – from today’s modern password security methods, to the various forms of cryptography leading up to them, the Rosetta stone is one of the oldest physical representations of what a password actually is – a Key.
What Have We Learned?
This journey is all well and good; cryptography has been around for ages and ages – since recorded history began, it would seem. The real question, then – like in any scientific exploration – is to determine what this means for the here and now. What does any of this mean for passwords and password security today?
Take to Google, or even your favorite technology news site and you are almost guaranteed to see some mention of the Death of the Password. I’ve even talked about the Death of the Password myself, and for good reason – It’s always on our minds. Part of the culture of cryptography and secrecy is making a better mouse trap, and everyone seems to think that removing the password is the step towards a better system of security.
My point – and please feel free to discuss this with me in the comments section – is that the password will forever be around, just perhaps in a different form. In all of recorded history, the password has evolved and changed, even in name and appearance, but it has always been there. So long as secrets need keeping, a password will be there to ensure secure and authentic access to sensitive information.
It may come to pass that our eyes, our voice, or even our very DNA become the next level in password security – but changing the appearance or even the material behind a password does not change the nature of what the action entails. Cryptography is a multi-tiered process, and there will always be a front door that needs securing.
Say what you will, but if an overview of the origins of the password and password security has taught me anything, it is this: no matter what you call it, the password is here to stay.
Have a different opinion? FANTASTIC! I would love to hear it, so feel free to leave a comment and we’ll get a conversation going.