> All the added complexity of implementing minimum character limits on passwords and requiring them to be changed every 3 months literally drove people to write passwords on Post-its and put them on PC monitors back in 2019... Some things never change...

This does seem a bit silly, but is also the "logical" thing for many people, who won't be able to remember all of their different passwords and don't know of any better solution - thus the less tech-savvy will store their passwords in a text file, a spreadsheet, or a Post-it note on their computer.

Personally, I don't know any of my passwords anymore. Everything is randomly generated by KeePass with the password databases being distributed across my devices or SD cards/HDDs for backups (encrypted). Once you stop thinking of passwords as something that you should "know", but rather something that you "have", then it becomes way easier.

Far too many people have the wrong mindset and attempt to use the same password for multiple sites - they're one breach away from having a really bad time.

And yet, somehow we don't really talk about that and don't educate people. I don't believe that in school or university, across more than a decade of education, a password manager of any sort was ever mentioned, be it a web-based one or a file-based one. Not even proper encryption (outside of SSL/TLS, but for websites), no mentions of PGP/GPG either. And that's after getting a Master's Degree in Software Engineering.

Of course, I talked with peers and other people, including professors, about these topics, but they were never officially covered in any of the courses. That makes me think that outside of ads on YouTube for popular SaaS offerings in the space, it's a pretty dire situation for the average person.