from the too-much dept
Last year, we wrote about how, for most people, memorability is more important than security when it comes to choosing passwords, but some sys admins will have none of that. They’re forcing increasingly difficult to remember passwords on people in the name of security. Of course, this often backfires, since those who need to remember such passwords just end up writing them down on a post-it note and stick it to their monitor. While it makes sense to give users certain rules, forcing them to create passwords that simply can’t be remembered doesn’t seem likely to help anyone. This is one area where biometrics could definitely help, but we’re still a ways off from that being common.