Alan Cox wrote:
Does anyone have any evidence, anecdotal or formal, about how
different password strength requirements impact the usability of a
web-based application?
Tangental, but here's a great article by Bruce Scheneier on "Choosing
Secure Passwords" based on how people actually attack passwords:
<http://www.schneier.com/blog/archives/2007/01/choosing_secure.html>
I think that your security purists (love that phrase) need to define the
value of what you're protecting and determine an appropriate set of
password rules. Are you protecting my checking account or my
preferences at wunderground.com?
--
J. Eric "jet" Townsend, CMU Master of Tangible Interaction Design '09
design: www.allartburns.org; hacking: www.flatline.net; HF: KG6ZVQ
PGP: 0xD0D8C2E8 AC9B 0A23 C61A 1B4A 27C5 F799 A681 3C11 D0D8 C2E8
________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... disc...@ixda.org
Unsubscribe ................ http://www.ixda.org/unsubscribe
List Guidelines ............ http://www.ixda.org/guidelines
List Help .................. http://www.ixda.org/help
