Originally published at: http://boingboing.net/2016/10/19/digital-defenders-a-free-open.html
…
Groan. The password advice this gives is not very good - basically it says:
- Generate unique passwords for every website
- Don’t use dictionary words.
- It should be longer than 12 characters.
- The password should be a random combination of passwords and special characters.
How do we expect anyone to manage this without the use of a password manager? They do suggest one on the last page, but they don’t emphasize its use on the first page.
Without a password manager, or at least writing them down in a notebook you keep with you, it’s impossible to remember several 12-character random passwords - so the above goals are untenable.
I’d much rather they say:
- Find and install a password manager - here are three free options: (a) (b) ©
- Use the password manager to generate all passwords, make them at least 16-20 digits long including numbers and special characters
- For some special passwords, like your laptop password, use an acronym or diceware approach.
Anytime you encourage someone to create their own passwords, for whatever reason, you will almost always have a much more easily cracked password.
2 Likes
For most people… My wife’s freak talent is remembering random strings with no effort. e.g. SSIDs that ISPs assign to wifii routers that they supply – when visiting a friend, they will have to go to the router, write down the password and then tell us, but the next time that we visit the wife can just recite it from memory.
1 Like
This topic was automatically closed after 5 days. New replies are no longer allowed.
