How to burn a password into your brain

Discussion in 'other security issues & news' started by Minimalist, Jul 14, 2014.

Thread Status:
Not open for further replies.
  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,057
    http://nakedsecurity.sophos.com/2014/07/14/how-to-burn-a-password-into-your-brain/
     
  2. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,057
    Mathematics makes strong case that “snoopy2” can be just fine as a password


    http://arstechnica.com/security/201...-that-snoopy2-can-be-just-fine-as-a-password/
     
  4. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    theguardian
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    I get the thinking behind "well, if it's just a web forum or something why set a strong password when it's not as important". But really, why not use a strong password? Get in the habit, make it hard for any other person but you to access your stuff.
     
  6. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,149
    Location:
    UK
    The thing that would worry me about this is long-term retention using these memorisation techniques, particularly when it was not often used. I didn't see anything in the study where they looked at retention a year downstream.

    What I find with my long Diceware passwords is that they are fairly easy to remember, and, more importantly, they stick, precisely because they can be made to mean something,for me!

    I also do not agree with the MS advice relating to using weak passwords on "unimportant" sites and warning about the dangers of password managers, because it is ignoring 2FA, which simply has to become more widespread and easy to use. I find that a limited number of strong memorised passwords, plus a Yubikey coupled with Lastpass and Password Safe is a workable arrangement until more sites natively include 2FA which respects users's privacy better than current ones (e.g. the Fido initiative).
     
  7. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    I prefer to use at least 30 digits random password for anything, just for the fun of it.
    Thanks god there are Lastpass, Keepass, etc in this world.
     
Loading...
Thread Status:
Not open for further replies.