Harold wrote: > So if anyone hacks your PC [or USB key] with Roboform [portable] on it they
I pick 30+ character passwords that are easy for me to remember, but hard for programs to break. Of course, this is predicated on being able to use the entire spectrum of Unicode, not just the 26 letters found in the Latin writing system, and the 10 numbers in the Arabic numbering system, and the 5 or so most common glyphs used for punctuation. Consider something like this as a trivial example: "上帝 etαγάπηy." Whilst weak, it is significantly stronger than your standard 12 password which can contain "1".."0","a".."z","A".."Z", " ","_","-",and"." despite the ease with which it can be memorized, and written. > *none* of your passwords. Hmmmmm. Backup your passwords in wetware. > "Not too easy to guess" ... Who is going to try to guess your password to a > public web forum? Why would anyone bother? And if somebody did, so what? It is much easier to consistently utilize strong passwords, than to use an adhoc mixture of passwords of varying degrees of strength. > Sorry to be blunt but that's complete balderdash. Any half way decent dictionary attack will know phrases as well as just words. True, however, allowing one or more spaces makes the work in brute forcing a password that much more time consuming. xan jonathon
