Hogwarts and email accounts: lessons for the Muggle world

The magical world of Harry Potter is all about spells, magical artefacts and passwords. In our, digitalized Muggle world, passwords also play an increasingly important role. In this article, we want to look at similarities and differences between passwords in Harry Potter, passwords in the muggle world and personal identification numbers (PIN).

Reading time:

5 min

Share

Image by storyset/Freepik

Passwords - magical door openers

Passwords do not only play a role in our world and in the world of Harry Potter. Essentially every fantasy world is familiar with the concept of passwords (we may for example think of Lord of the Rings). The idea is always the same: knowing a certain word (or, in the digital world, more often a complicated combination of characters) provides access to areas that require special protection.

Pig Snout and password security

Many rooms at Hogwarts, such as the students’ common rooms or the Headmaster’s office, are secured by passwords. If a student forgot an the respective password, access to the common rooms was denied and a night in the corridor beckoned.

Passwords are apparently an essential part of the security concept at Hogwarts and are taken appropriately seriously. Accordingly, passwords are also changed more frequently at Hogwarts than happens in probably 80% of Muggle households.

By the way, the passwords at Harry Potter are usually normal dictionary entries, such as “Pig Snout”. Of course, this is no role model for password users in the digital world. In Hogwart, this practice is only legitimised by the fact that no brute-force attacks with more than to two billion passwords per second can be performed.

Passwords from a historical perspective

Acutally, the use of passwords at Hogwarts has a real historical background. According to the German Wikipedia article on passwords, the term password (composed of to pass, in the sense of to pass by and the term word obviously) has been around since the 16th century (although it can be assumed that similar concepts were used much earlier) and was mainly used in a military context during that time. A password was needed to identify oneself as a member of the respective company, in order to gain access to the respective camp or fortress and to be able to pass the respective guard.

Passwords Today

Nowadays, passwords are mainly used in a digital context. The guard has been replaced by the input mask and reciting the password is equivalent to entering the password into that mask. Passwords, in the sense of their use as in Harry Potter, probably hardly exist any more in serious contexts. However, the mystical power of words that open up access to secret areas through their use still holds a lot of phaszination. For example, children still like to use passwords to grant entry into pillow castles or tree houses.

The PIN - the little sister of the password

Closely related to the password is the PIN (personal identification number). Both PINs and passwords serve as means of identification: entering them is supposed to ensure that the user is actually authorised to use the corresponding services. However, historically, there have been subtle differences between the two concepts.

The PIN and the bank card

The PIN was developed and actually patented by two English scientists in the late 1960s, namely in connection with the invention of the automatic teller machine. The first ATMs used cheques with machine-readable numeric codes. Very quickly, however, the need for an additional security measure became apparent: if someone unauthorised lost the cheque book (or, a little later, the magnetic card), it was possible to empty the associated account without any problems. So the PIN was introduced as an additional security measure. The PIN was thus an integral part (and probably the first technical realisation) of two-factor authentication (2FA): If you want to access your money, you need the hardware in the form of the bank card as one factor and the knowledge of the PIN as the second factor.

The PIN as part of a 2FA

PINs are still a common part of a 2FA these days. PINs are used particulary to protect a terminal device (such as a mobile phone). In this case, PINs are stored in the device itself, i.e. in the mobile phone or in the laptop, which may also be the reason for the impression that PINs are “more secure”. Even if someone knows a PIN in this cas, it is useless without the device. On mobile phones, a PIN also has the advantage over an actual password that it is easy to enter despite the small display.

Pin and password today

Historically and in terms of their use, PINs and passwords can therefore be very well distinguished. A password has always been used to gain entry to a protected room, initially consisting of a word and later of any string of characters. The PIN, on the other hand, has been part of two-factor authentication from the beginning and is still mostly used in this context today. However, the boundaries between the respective concepts often blur. For example, alphanumeric character combinations can be chosen for many PINs nowadays, and passwords are increasingly also part of two-factor authentication.

Password instead of biometric data?

Nowadays, biometric data are increasingly used as a security measure. For example, most smartphones can now be unlocked by a fingerprint. However, the time of PINs and passwords is not over yet. On the one hand, because you might not want to leave your fingerprints on every computer where you check your e-mails, and on the other hand, because biometrics do not offer 100% protection as well. For example, we know from various crime novels that a cut-off finger opens a door without any intervention on the part of the original finger owner.

By the way, the door guards in Harry Potter also always ask for the password, although one might assume that the gatekeepers may know the authorised students after a while. But in Harry Potter in particular, biometrics obviously don’t play a major role, since it is possible to take on any external form with manageable effort (but some potential danger).