Martin Crandall wrote: > I've been thinking about and investigating the issue of password > management. Passwords are the weak link in any computer security > system. The problem is that following the standard recommendations -- > choose long, random passwords, and never recycle them for use with > multiple accounts -- quickly overloads the memory capacity of all but > the most dedicated. Here are some solutions that I've been
I wonder what universe you live in, Martin? What systems allow you to enter a pass PHRASE? I have accounts on dozens of web sites and online services, and all of them take only a pass WORD. You can't use diceware or some other system that's going to generate a 10 word sentence that you can write down or memorize. The systems won't accept such a long password. I suggest you climb out of the ivory tower and visit the real world for a few days. I think you'll find that there are a lot worse problems in security than choosing and memorizing super-high-entropy pass phrases. Security is essentially nonexistent today.
