Passwords: does size matter, what characters?
Jason Stephenson
jason at sigio.com
Fri Mar 10 17:28:01 EST 2006
Drew Van Zandt wrote:
> Also... what drives me crazy is that requirements conflict on websites
> where security isn't important anyway, so I can't use the same
> password for all the ones that don't really matter. PASSWORDS ARE
> NEVER GOING TO BE THAT STRONG, get over it and use real authentication
> (2-factor) if it's that important.
Ah, yes, two-factor authentication based on something you can forget and
something you can lose. ;)
Seriously, though, I believe that passwords are great for letting people
in and lousy at keeping people out.
I *think* I mostly agree with Drew, though. I actually do use the same
or very similar passwords on many different web sites where the security
doesn't really matter.
When I need a "good" password, I run my little pgen program that spits
out line noise (or the equivalent). I write it down, and after I've used
it a couple of times, my fingers remember it.
More information about the gnhlug-discuss
mailing list