This Usability of Passwords is a new take on the whole security and password issue, which refreshingly suggests that there are alternative ways to stay safe apart from coming up with ever more complicated and unmemorable passwords.
It’s a great read if you’re finding it difficult to keep up with the demands of logins for the mountain of web services out there, and don’t want to trust your life to a single sign-in solution which could be compromised in an instant through no fault of your own. Definitely worth your time.
Security companies and IT people constantly tells us that we should use complex and difficult passwords. This is bad advice, because you can actually make usable, easy to remember and highly secure passwords. In fact, usable passwords are often far better than complex ones. So let’s dive into the world of passwords, and look at what makes a password secure in practical terms.
Actually, I recommend that everyone listen to Security Now episode #297 (http://www.grc.com/sn/sn-297.txt for transcript http://media.grc.com/sn/sn-297.mp3 for audio) which helps us better understand this. Using a “pass sentence” is not necessarily “more secure,” although it may be easier to remember.