Thought maybe I could garner some opinions on the usability of password enforcement techniques.
Recently, I've noticed a trend towards more "secure" passwords for many things, and that's a good idea. However, I've also noticed that certain web sites take that to an extreme, disallowing the use of any password that does not meet their criteria. Often, these criteria are also extreme. For example, one web-based product (non-financial) refused to allow me to enter a password that did not have ALL of: - at least one capital letter - at least one numeric - at least one non-alpha character - at least 8 characters Clearly, this would produce a reasonably secure password, but I'd never remember it!!! I prefer Google's approach, where a graphic indicator shows me the "strength" of my password, but lets me choose anything I want. Would certainly love to hear the group's thoughts on this... -- kenny kutney [EMAIL PROTECTED] ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
