I came across an interesting article/rant this morning. At first I thought it was the usual “I hate the password policy”, but the post brought up an interesting point.
Here’s the problem as Billy puts it:
“… you are unable to use the same complexity for your passwords to various sites. Hence the reason why sites always have the “I forgot my password…” option prominently available on their log in page. It’s because people, myself included, can’t remember all of these damn usernames and passwords.”
And here’s his solution:
“I recommend that there be a strict, yet reasonable, username and password standard that all sites support and recommend.”
Hm, that’s a pretty good idea: a standardized password policy.
Yes, we all know using a password manager (like PassPack - shameless plug!) will take the burden off remembering all those passwords. But abiding by an openly defined standard would certainly help raise the security bar on many sites which now have lackadaisical password rules.
Just something to think about while you await the new Beta 4 release of PassPack - 2 days left! The Beta 4 release is online. Sign up for PassPack here.
Tags: PassPack, password manager, passwords, security, lifehack, standards, password policy
2 Comments
Will that really help ?
It would be very easy to crack in once you have a *standard* set for the SECRET CODE.
May be with bio passwords in some years..
that could be possible and feasible i guess..
@maverickroark
Well, I was thinking more along the lines of a set minimum of rules for a strong password policy. For example, anyone adhering to the hypothetical standard must require at least, say, 8 characters, accept spaces (pass phrases), support non-alphanumerical characters and agree to never send email conformations with passwords written in plain text.
But you’re correct in that, if the rules are too strict, then they would form an easy basis for crackers to use to narrow their algorithms.
Post a Comment