- Sep 15, 2008
- 5,055
- 198
- 116
The science of password selection
- Thread starter Chiefcrowe
- Start date
Anyone try this yet? A while back I had read about USB thumb drive password vaults, I was thinking about getting a few of them to break up our familys accounts. One for my bank info, one for my wifes, commerce websites, forums, throw away passwords, etc. Can these types of software keep multiple vaults?
- Sep 15, 2008
- 5,055
- 198
- 116
sportage
Lifer
- Feb 1, 2008
- 11,492
- 3,162
- 136
Speaking of passwords.
[rant] I get very irritated at being forced to create site passwords going by "their" rules. Some sites have such retarded security requirements that it is impossible to remember the procedure to sign in. Where you end up writing everything down so you can remember how to login. And that alone negates your security protection. And just when you might start to remember, it all expires. You are suddenly forced to change EVERYTHING to something else just as complicated that you will never remember without writing it down.
Just let users makeup their own password. Period.
Something they themselves can remember.
When logging in or on is made so complicated where the user can't even remember, then security has gone too far. That's my simple rule.
Password security should keep others from accessing your information, not you.
And it should also be up to the user as to when they wish to change their password.
Any password procedure one has to write down to remember has just gutted the whole security process for that site.
And after all... Your ATM card has four simple password numbers, that never change.
Imagine if you had an 8 to 12 digit ATM card password to remember. Requiring both alpha, numeric, special characters, and at least one cap letter.
Can you imagine the pissed off ATM users?
And the high number of card users that would need to write down and carry their ATM password in their billfold along with their card?
Not to mention the thousands of daily calls to the call center for forgotten passwords, eaten atm cards due to incorrectly entered passwords,
or access lockout. I mean really!!!!!
We need a law.
User defined passwords ONLY! "Passwords by the people, for the people."
And ENOUGH with these nerdy brainless security department programmers that think up all this password nightmare shit.
Let the user take the security risk when creating their own password(s). [/rant]
[rant] I get very irritated at being forced to create site passwords going by "their" rules. Some sites have such retarded security requirements that it is impossible to remember the procedure to sign in. Where you end up writing everything down so you can remember how to login. And that alone negates your security protection. And just when you might start to remember, it all expires. You are suddenly forced to change EVERYTHING to something else just as complicated that you will never remember without writing it down.
Just let users makeup their own password. Period.
Something they themselves can remember.
When logging in or on is made so complicated where the user can't even remember, then security has gone too far. That's my simple rule.
Password security should keep others from accessing your information, not you.
And it should also be up to the user as to when they wish to change their password.
Any password procedure one has to write down to remember has just gutted the whole security process for that site.
And after all... Your ATM card has four simple password numbers, that never change.
Imagine if you had an 8 to 12 digit ATM card password to remember. Requiring both alpha, numeric, special characters, and at least one cap letter.
Can you imagine the pissed off ATM users?
And the high number of card users that would need to write down and carry their ATM password in their billfold along with their card?
Not to mention the thousands of daily calls to the call center for forgotten passwords, eaten atm cards due to incorrectly entered passwords,
or access lockout. I mean really!!!!!
We need a law.
User defined passwords ONLY! "Passwords by the people, for the people."
And ENOUGH with these nerdy brainless security department programmers that think up all this password nightmare shit.
Let the user take the security risk when creating their own password(s). [/rant]
Last edited:
If you check the link in the last sentence of the article, you will see that the best password policy is to use passwords you can't remember. Instead, you remember a single password for your PW manager, and it remembers all the others for you.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter