I really don't think that's a good idea. I've never tested it, but my gut says that:

1) if you use it so seldom you don't remember it, then you use it so seldom you don't remember the modification (which of those variations you proposed did I use? I should write it down)

2) if you use the unmodified version on sites that won't accept strong passwords and it's cracked, or if someone finds your written-down password, then cracking the modified version is relatively simple

Anything where writing down a part of a password forms part of the privacy solution is a bad idea. There are ways to make strong passwords memorable; people should know what they are (and that requires a fair amount of education on our part) and use them (which requires consistently enabling strong passwords on our part). I believe that our goal and the goal of the data security community should be that everyone has a maximum of 3 strong passwords (to allow for periodic switching) that can be used in all instances. But that's beyond the scope of this question.

kt

Katie Albers
Founder & Principal Consultant
FirstThought
User Experience Strategy & Project Management
310 356 7550
On Apr 17, 2009, at 11:17 PM, Chris Novell wrote:

I have read the prior replies and looked at the recommended links with
interest and have learned a lot - thanks, all!
I would like to suggest that a user could select a relatively strong
password and write down something close to the password. They would
then need to remember only what the modification is.
For example, a user could write down
milkanddairy when the password really is

milkanddairy& or
$milkanddairy or
milk&and&dairy or
MILK&AND&DAIRY or
zilkandzairy


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new ixda.org
http://www.ixda.org/discuss?post=41287


________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... [email protected]
Unsubscribe ................ http://www.ixda.org/unsubscribe
List Guidelines ............ http://www.ixda.org/guidelines
List Help .................. http://www.ixda.org/help
________________________________________________________________