When you force people to use hard-to-remember passwords, you’re actually forcing them to use bad passwords.
A billion people have written about this before, but I like my approach, so I’m sharing it in case someone else finds it useful. Most of my passwords go into a password manager; those are long and random and generated by the password manager and I don’t care whether they’re easy to type or memorable… Read More »
As I wrote earlier today, I just changed my password on over 300 Web sites. In the process, I encountered a large number of sites which simply don’t know how to do password security properly. Some of these sites are operated by major corporations which are entrusted by their users with confidential and sensitive personal… Read More »