Re: Password security

2002-12-05 Thread Jim Choate

On Tue, 3 Dec 2002, Martin Crandall wrote:

> I've been thinking about and investigating the issue of password
> management.  Passwords are the weak link in any computer security
> system.
...
> What are your thoughts?  Am I off-base here?  Are there better
> solutions I've missed?

See factotum and secstore...


 --

We don't see things as they are,
we see them as we are.
Anais Nin

www.ssz.com
www.open-forge.org

Re: Password security

2002-12-04 Thread Nomen Nescio

Martin Crandall wrote:

> I've been thinking about and investigating the issue of password
> management.  Passwords are the weak link in any computer security
> system.  The problem is that following the standard recommendations --
> choose long, random passwords, and never recycle them for use with
> multiple accounts -- quickly overloads the memory capacity of all but
> the most dedicated.  Here are some solutions that I've been

I wonder what universe you live in, Martin?  What systems allow you to
enter a pass PHRASE?  I have accounts on dozens of web sites and online
services, and all of them take only a pass WORD.  You can't use diceware
or some other system that's going to generate a 10 word sentence that
you can write down or memorize.  The systems won't accept such a long
password.

I suggest you climb out of the ivory tower and visit the real world for
a few days.  I think you'll find that there are a lot worse problems in
security than choosing and memorizing super-high-entropy pass phrases.
Security is essentially nonexistent today.