

 Is it just me or this is a very stupid idea? - cesarsalazar
http://www.passwordcard.org/en
I did some very quick arithmetics following the instructions given by the creators of this card, and it seems to me that the card holds &#60; 3000 password possibilities (ONLY!).<p>These guys are advising users to use strings around 8 (let's think 6-10) consecutive characters  (top-bottom, bottom-top, left-right, right-left and diagonals) as passwords.<p>I think this technique would increase the possibilities of brute-forcing a password by several degrees of magnitude.<p>Am I missing something?
======
mgkimsal
Doesn't seem all that stupid to me. It's just a tool. Certainly, if someone
happens to find out that I've got card 2e9c9735b1c972c8 and that I use every
other letter from the blue row for my bank password, yes, I'm in trouble, but
that's enough obscurity for me.

Better yet, I'll simply _look_ like I'm using the card, but actually using my
trust old " __ __ __ __" for my _real_ password!

------
getonit
I have exceptionally bad memory for numbers. I used to store the PINs for my
credit cards on the back of business card, disguised as phone numbers.
"Malcolm: (xxxx) 1234xx" was 1234 for mastercard, "Val: (xxxx) 1234xx" was
1234 for Visa, etc. I had my wallet stolen and both cards blocked due to
multiple failures to enter the correct pin.

Anecdotal, small sample size, luck, etc., sure, but I'd still trust the
concept. I'll be using it next password cycle and deleting my current PITA
flash app on my often-forgotten mobile phone.

