by freddex
1555 days ago
But is it just a question of education, or also a question of usability? A nice, random sequence of alphanumerical characters that can not be connected to the user at all is, unsurprisingly, hard to remember for the user. Dumb stuff like reusing passwords and choosing pet names is a mistake from a security perspective of course, but also a mitigation of the poor usability of passwords. Don't expect the user to remember dozens and hundreds of strong passwords. Rather, I would advocate password managers. For me personally, the simple usability of Firefox's integrated password manager (auto-suggests a strong password on account creation, auto-saves the credentials and syncs them across devices) has done more to improve my passwords than all education. I guess I am lazy, but many people are.

If the user has to remember any password aside from a single unique password used in only one place, they’re doing passwords horrendously wrong.
We have had at least twenty years of password managers by now (KeePass), a good ten of them with browser integrations of various degrees of effectiveness, and almost as long with some form of mobile phone support.
At this point, not using a password manager to save totally-random passwords that don’t need remembering is no different than not using a seatbelt. It’s stupidity and ignorance in action.