
Kill the Password: A String of Characters Won’t Protect You - m_sahaf
https://www.wired.com/2012/11/ff-mat-honan-password-hacker/
======
austincheney
That is because people do passwords wrong. Just make your passwords 40-60
characters of a common natural language statement with a random non-
alphanumeric character at the end. That is really hard to brute force and easy
to remember.

Unfortunately, this simple solution won't work on archaic legacy systems that
force stupid password rules and max lengths.

~~~
docluv
The average person cannot remember more than 8 characters. So a 40-60
character string of random characters, many of which we rarely use naturally
is not really feasible :)

~~~
austincheney
That is so completely not what I said. I bet my grandmother, if she were still
alive, could easily remember this 63 character password:

I wish I could walk my grandchildren to school when it is cold%

~~~
m_sahaf
We all can memorize a handful, but not 50 of them. That approach is cute, but
it doesn't scale.

~~~
austincheney
I really do not see the difference between that, mnemonically speaking, and a
random smattering of 8 special characters.

