DarkLink
08-23-2012, 03:51 PM
So supposedly, the more random and obscure a password is, the stronger it is. The more weird symbols and digits, the better. The longer the better.
Except how are you supposed to remember "l#$KN29J/*03b6s" is your password? And when you have to change the password every months? And when you're not supposed to write it down? And when you're supposed to remember passwords for your bank accounts, email addresses, facebook, and the half-dozen other online accounts you have?
It's particularly annoying when websites force you to use complex password formulae. "Must contain at least three Upper Case, five Lower Case, three Numbers, and two Symbols (@#$%^&*)" exacerbates the problem. Which is pretty much pointless, as even a basic computer can brute force a password in a few seconds.
And, of course, you can just have your computer memorize most passwords, so if anyone can access your computer they have free reign.
Scott Adams, writer of Dilbert, has a decent idea: http://www.dilbert.com/blog/entry/?EntryID=763&print=1
Of course, there's the problem that most hacked passwords are broken due to things like, well, looking over a person's shoulder, or infecting their computer with a keylogging virus, making any password useless: http://www.canadianbusiness.com/article/90427--the-problem-with-passwords
And, of course, XKCD has some insight to share (complete with forum discussions: http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020, http://ask.metafilter.com/193052/cm.bell-labs.com/cm/ms/what/shannonday/shannon1948.pd).
http://i.stack.imgur.com/060UH.png
Maybe in the future we won't even directly need any passwords: http://www.canadianbusiness.com/blog/tech/88991--a-world-without-passwords-yes-please
Except how are you supposed to remember "l#$KN29J/*03b6s" is your password? And when you have to change the password every months? And when you're not supposed to write it down? And when you're supposed to remember passwords for your bank accounts, email addresses, facebook, and the half-dozen other online accounts you have?
It's particularly annoying when websites force you to use complex password formulae. "Must contain at least three Upper Case, five Lower Case, three Numbers, and two Symbols (@#$%^&*)" exacerbates the problem. Which is pretty much pointless, as even a basic computer can brute force a password in a few seconds.
And, of course, you can just have your computer memorize most passwords, so if anyone can access your computer they have free reign.
Scott Adams, writer of Dilbert, has a decent idea: http://www.dilbert.com/blog/entry/?EntryID=763&print=1
Of course, there's the problem that most hacked passwords are broken due to things like, well, looking over a person's shoulder, or infecting their computer with a keylogging virus, making any password useless: http://www.canadianbusiness.com/article/90427--the-problem-with-passwords
And, of course, XKCD has some insight to share (complete with forum discussions: http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020, http://ask.metafilter.com/193052/cm.bell-labs.com/cm/ms/what/shannonday/shannon1948.pd).
http://i.stack.imgur.com/060UH.png
Maybe in the future we won't even directly need any passwords: http://www.canadianbusiness.com/blog/tech/88991--a-world-without-passwords-yes-please