Katie Albers wrote:
This is true. Which is why password fields that you *can't* make strong are evil. All password fields should at the very least *accept* all typeable characters. To go to the trouble of entering a strong password and then be told that you can only use upper and lower case letters, or letters and numbers, or whatever, is just plain non-sensical.
Completely agree. Requiring me to use a strong password for a critical asset: good; preventing me from using a strong password: bad.
However, requiring appropriately strong passwords isn't worth anything if you save my password in the clear and email it to me after I've registered.
I think this is why it's important for design people to dip their toe into the security pool just as "security purists" need to step back a bit and think about usability.
-- J. Eric "jet" Townsend, CMU Master of Tangible Interaction Design '09 design: www.allartburns.org; hacking: www.flatline.net; HF: KG6ZVQ PGP: 0xD0D8C2E8 AC9B 0A23 C61A 1B4A 27C5 F799 A681 3C11 D0D8 C2E8 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... disc...@ixda.org Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
