Hacker News new | comments | show | ask | jobs | submit login

The (rather convoluted) plan seems to consider Dvorak so fantastically hard, that the user never just learns to write his/her password using it, but must look up a reference on a different machine every time.

I've never used Dvorak, but I think I would be able to memorize a single string after having been forced to type it, after a while.

Well, the idea here is that you are very rarely actually forced to type it (most of the time, you go ahead and take the break). Let's posit a user who really needs to log back in within the timeout period once every two weeks (which seems unreasonably often to me), has a reasonably complex password, and changes their password every three months (normal workplace requirement, in my experience). They will type the password 6 times, at widely spaced intervals. I think most people would not memorise it under these conditions. And if you find yourself going and spending time practicing, or you do end up memorising it because you log back in every three days or more, it's time to admit that either you are regularly literally dealing with fires at work and can't afford to take breaks, or you have deep issues with just chilling for a minute.

Well put. If you keep logging after this hack activates, then you know you have a problem..

When I first started learning dvorak, my passwords consisted of a,m, the numbers and ~ (these keys are in the same positions as they are on QWERTY).

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact