Hey Kenny, I worked in the field (computer security) for a couple of years. In the simplest terms, the continuum is between ease of use, and security. Just as you state... the extremes are not good. Easy to use = easy to crack. Hard to crack = hard to remember. Forcing any or all of those criteria is pretty harsh unless the sit has a lot of liability. Suggesting those as 'tips' for a more secure password offers the user a lot of flexibility.
Mark On Feb 19, 2008 11:33 AM, Kenny Kutney <[EMAIL PROTECTED]> wrote: > Thought maybe I could garner some opinions on the usability of > password enforcement techniques. > > Recently, I've noticed a trend towards more "secure" passwords for > many things, and that's a good idea. However, I've also noticed that > certain web sites take that to an extreme, disallowing the use of any > password that does not meet their criteria. Often, these criteria are > also extreme. > > For example, one web-based product (non-financial) refused to allow > me to enter a password that did not have ALL of: > - at least one capital letter > - at least one numeric > - at least one non-alpha character > - at least 8 characters > > Clearly, this would produce a reasonably secure password, but I'd > never remember it!!! I prefer Google's approach, where a graphic > indicator shows me the "strength" of my password, but lets me choose > anything I want. > > Would certainly love to hear the group's thoughts on this... > > -- > kenny kutney > [EMAIL PROTECTED] > > ________________________________________________________________ > Welcome to the Interaction Design Association (IxDA)! > To post to this list ....... [EMAIL PROTECTED] > Unsubscribe ................ http://www.ixda.org/unsubscribe > List Guidelines ............ http://www.ixda.org/guidelines > List Help .................. http://www.ixda.org/help > ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
