[H-GEN] password fatigue

Arjen Lentz arjen at lentz.com.au
Thu May 23 19:40:38 EDT 2013


Hi Nick

> I'm suffering a bit of password fatigue. Basically starting to lose
> track of my logon names and passwords.
> 
> Any recommendations?
> 
> I am looking at single sign-on software, but am also aware that it can
> be a single point of failure.

http://xkcd.com/936/ is educational - unfortunately many sites demand stupid things like "mix of uppercase/lowercase and at least one digit" but you can still use it - if you start each word with a caps and consistently respell o to 0 and/or i to 1 it all works out fine.
The pwd strength is based on the N words, not the upper/lowercase/digit blah.

Making up your own words is best and probably easiest to remember, but there are generators out there also:
http://preshing.com/20110811/xkcd-password-generator


> I have a gmail account, does that mean I have OpenID already working?

You can have, yes.

> There is still a reasonable number of websites out there that do not
> consume OpenID.

OpenID is not intended as a secure login, but merely as an identification system for things like blog comments.
I may be misphrasing that a bit, but in any case it's not designed to be a magic single-signon mechanism.


Cheers,
Arjen.
-- 
Exec.Director @ Open Query (http://openquery.com) MariaDB/MySQL services
Sane business strategy explorations at http://upstarta.com.au
Personal blog at http://lentz.com.au/blog/



More information about the General mailing list