Password Rage

from the too-much dept

Last year, we wrote about how, for most people, memorability is more important than security when it comes to choosing passwords, but some sys admins will have none of that. They’re forcing increasingly difficult to remember passwords on people in the name of security. Of course, this often backfires, since those who need to remember such passwords just end up writing them down on a post-it note and stick it to their monitor. While it makes sense to give users certain rules, forcing them to create passwords that simply can’t be remembered doesn’t seem likely to help anyone. This is one area where biometrics could definitely help, but we’re still a ways off from that being common.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Password Rage”

Subscribe: RSS Leave a comment
westpac says:


I set up a new employee with a user account last week. I explained the rules for generating a new password and she typed her selection in and hit enter and got the “illegal password” screen. She tried twice more and I casually mentioned that you couldn’t use your user name as a password as the system would reject it. All the color drained from her face, and she said “er, I’d better think of a different password…”

LittleW0lf says:

No Subject Given

I probably could get zapped by somebody, but why would you want to hack my things? I’ve got nothing anybody wants.

Security Solely Through Obscurity excuse # 5:
“I’ve got nothing anybody wants.”

Usually stated minutes before the person’s machine is rooted and used to send out 1,000,000 SPAM messages to every address stored in the address database.

If you have a computer on the internet, you have something that someone wants, even if it isn’t your information on your computer.

This guy is a moron, just like half of the other whiners in the article. Yes, passwords are difficult to remember, but that doesn’t mean that they should be gotten rid of. I’ve got 128 byte passphrases that I can remember just by choosing a phrase which means something to me. Nobody says the password has to be difficult to remember, it just has to be difficult to guess (as shown in several technical studies, including one linked above.)

Then again, Joe Sixpack doesn’t have enough creativity to muster such a simple concept.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...