Quote:
Originally Posted by onewhippedpuppy
It really doesn't matter. You can have the greatest password on Earth, but then the website gets hacked and they have your data anyway. It always amuses me how IT Security weenies create password rules that virtually guarantee you will have to write them down, make you change them every 30 days, but then can't protect the data. Yes, overly convoluted password rules are a pet peeve of mine.  |
As you state - the problem with overly complex passwords is the need to write them down, which defeats the whole purpose of passwords! I bet a large percentage of folks reading this post have a sticky note 'cheat sheet' under their keyboard with their userid and password, or have a text file on their PC called "passwords.txt."
Using sentence-long passwords isn't really a good answer either - the longer the password, the greater chance of misspelling it and getting locked out of the device or application.
Two areas that show promise are:
1. Dual-authentication systems: for example - the typical card reader security locks are now being replaced with a card reader / keypad combination - you still have to swipe a card, but you also have to authenticate that card by entering a 4 to 8 digit code. I believe some applications like Facebook are implementing stuff like this by using your cell phone number as a secondary layer of authentication besides your password.
2. Biometrics: this has been around for a long time, but is getting a little more traction again -- I've used fingerprint access points to get into my datacenter for years - and now the same technology is at the consumer level - as found in the newer iPhones. Some folks feel it is not quite ready, but I really like the ability to unlock my iPhone using my fingerprint as authentication. It works very well for me, and since my fingers are hopefully attached to the rest of my body, it makes it very difficult for a thief to get into my phone without my knowledge.
Quote:
Originally Posted by GH85Carrera
I am looking for the perfect password app. With different web site that I have accounts with numerous email accounts and devices. I want a way to enter my passwords from several devices and many web sites and programs.
|
Not a big fan of password vaults, as now you need to trust their cloud's security. And if you don't have access to their system, you don't have access to anything.
Best cloud to store passwords in are your brain. Still the hardest thing to hack.
-Z-man.