This is a very interesting set of problems to solve. 1) My password is not secure enough 2) My password is too difficult to remember 3) My password is too difficult to type
I'm not sure a blacklist is the right approach. If someone really wants to use their first name as their password that's up to them. But, if they're using their first name because they can't think of something better, that may be an area where we can help. What ideas do people have? ----- Original Message ----- From: "Ryan Feeley" <[email protected]> To: [email protected], [email protected] Sent: Monday, December 9, 2013 10:08:34 AM Subject: 10,000 Top Passwords (cross post) (Sent earlier to dev-identity list, but relevant to you all as well.) "91% of all user passwords sampled all appear on the list of just the top 1,000 passwords." https://xato.net/passwords/more-top-worst-passwords/#.UqWy83i9LCS If true, it's hard to argue that passwords alone are strong enough to secure accounts. Create a blacklist? I would love to help people concoct their own password scheme and improve password management at the same time. Ryan Feeley Product Designer, Identity Mozilla UX IRC: rfeeley _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct _______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
