

Trained to use hard to remember passwords which are easy for computers to guess - i2o
http://xkcd.com/936

======
anigbrowl
How true. I'm sick of being forced to pick new passwords by algorithms which
insist the ones I'm using are too short, don't contain enough $%^ _&_ )
symbols, or are too similar to passwords I've used before. My bank makes me
put in a password every single time, which is a complete PITA on my cellphone.
My wife's work Blackberry now requires a 14-character password every time she
wants to use it.

This is not security, it is just more security theater. Just give me a pin pad
or some little interactive puzzle mechanism that I can do in my sleep, but
which has a large number of possible wrong combinations - if it comes back
wrong several times in a row, _then_ ask me for the password. Right now it's
_easier_ to get into my account without my overly-elaborate password, by
saying I've forgotten it and then answering biographical questions - which of
course I gave truthful answers to, back in the day, and which I am now unable
to change. 1Di0ts.

