Slashdot Mirror


Users feel Password Rage

Pcol writes "The Baltimore Sun is reporting on Password Rage, the frustration users have with the abundance of codes they are required to memorize. Some cope by remembering their passwords with the help of a tune or a phrase, some use three or four levels of passwords with the most complex protecting financial information, and others keep all their passwords in a database - protected by a password. Security experts say that with the increased use of biometrics, our reliance on passwords will lessen in the future. Until then, it's ok to cheat - but wisely."

6 of 388 comments

  1. Biometrics on its own is weak authentication by Herrieman · · Score: 5, Interesting

    Biometrics on its own is still one-factor, and thus weak, authentication. To make it strong authentication, you still have to add:

    - something you have (such as a token) or
    - something you know (such as a password or pin :))

    --
    http://blog.astyran.sg

  2. But where do you draw the line? by reachinmark · · Score: 5, Informative

    Banks in Sweden are currently running a new BankID system. You can use this to access several government facilities, including submitting claims for sick leave and possibly (in the future) voting, over the internet. The password protection? Your certificate must be unlocked with a password that is at least 12 but at most 16 characters, of which at least 3 must be digits, and 4 alphabetical characters. Oh, and you can't simply repeat a word two or three times - they check for that. The end result? A password so annoyingly difficult to remember that of course everyone has it written on a post-it note by their keyboard.

    Now THAT gives me password-rage.

  3. Remembering passwords... by yeti-graf · · Score: 5, Funny

    One guy I worked with set his password to "Viewsonic" so that whenever he forgot it he could just look at his monitor.

  4. Re:USB keys by TCM · · Score: 5, Interesting

    How does this protect against malware reading it off your USB stick _and_ using it? Right, you protect your private PGP key with.. a password!

    The only thing that comes to mind that's even remotely sophisticated is an "intelligent" USB stick, so to speak. It contains your private key and never gives that out to anything. Instead, it gets fed a challenge, encrypts it using the key and sends it back to the computer where the corresponding public key is stored.

    Is anyone using something like this on a regular basis (for his home server/desktop)?

    --
    Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
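
The challenge-response token described in comment 4, as an added example that is not part of the thread or of any product. It uses Ed25519 signatures from Go's standard library where the comment says "encrypts", and the names `Token`, `Host`, `Respond`, `Challenge` and `Verify` are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Token models the "intelligent" USB stick: it holds the key and only ever signs.
type Token struct{ priv ed25519.PrivateKey }

// NewToken generates the key pair and hands out only the public half.
func NewToken() (*Token, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Token{priv}, pub
}

// Respond signs the challenge; the private key is never returned.
func (t *Token) Respond(challenge []byte) []byte { return ed25519.Sign(t.priv, challenge) }

// Host is the computer: it stores the public key and its open challenges.
type Host struct{ pub ed25519.PublicKey; pending map[string]bool }

// Challenge issues a fresh 32-byte random nonce and remembers it.
func (h *Host) Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	h.pending[string(c)] = true
	return c
}

// Verify accepts one response per issued challenge, so a captured pair cannot be replayed.
func (h *Host) Verify(challenge, response []byte) bool {
	defer delete(h.pending, string(challenge))
	return h.pending[string(challenge)] && ed25519.Verify(h.pub, challenge, response)
}

func main() {
	token, pub := NewToken()
	host := &Host{pub, map[string]bool{}}
	c := host.Challenge()
	fmt.Println(host.Verify(c, token.Respond(c)), host.Verify(c, token.Respond(c))) // true false
}
```

Malware on the computer can still ask a plugged-in token to sign while it is attached, but it cannot copy the key off the stick and use it later.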

  5. Re:Don't forget the admins.... by BabyDave · · Score: 5, Funny

    ... now I'm stuck resetting passwords all day. I blame the users for this, but it *will* be nice for IT staff when biometrics replace passwords.

    User: I can't log in!
    Tech: Your biometric data's become corrupted, we'll have to resample it
    Tech pulls out meat cleaver
    Tech: Now, are you left- or right-handed?

  6. Keyring for PalmOS by arth33 · · Score: 5, Informative

    Just protects the passwords so you don't have to lock down your whole PDA all the time (I don't really care if someone nabs my schedule/phone list). It works really well, and seems to be written with security in mind (as opposed to ease of use). According to the website, it uses "secure triple-DES encryption using a 112-bit key derived from the password". And the best part: it's open source. Pick it up here: http://gnukeyring.sourceforge.net/