MS Employee Calls for No More Passwords 614
BobPaul writes "On his blog, Robert Hensing of the Microsoft PSS Security Team makes a really convincing argument for the abolishment of complicated passwords. He argues that precomputed hash tables, network sniffing, and programs like LoftCrack make passwords obsolete and dangerous in the windows environment. What does he recommend in their place? Passphrases: sentences and quotes that are easy to remember but may be more than 30 or 40 characters in length. With many companies requiring frequent password changes, (and we know exactly where that leads) this is a simple idea I'm surprised more people haven't been doing this more often."
Excellent! (Score:5, Funny)
In other news Microsoft is waaayy ahead of him... (Score:1, Funny)
password vs. passphrase (Score:2, Funny)
Only a few thousand years behind... (Score:5, Funny)
My passphrase... (Score:5, Funny)
or
Make of that what you want, but:
Of course, I changed the password to something more politically correct before leaving the companies....
Re:Biometrics (Score:3, Funny)
Or that someone else has your body present. Or just search google for jelly fingerprint to see how to duplicate other people's prints for fun and profit.
Biometrics is bound to stick around for a while, but the fad will hopefully fade before all my bank and credit card accounts get tied to my fingerprint and I have to have new prints carved into my fingers to replace the ones that some identity thief lifted off the scanner.
Re:password vs. passphrase (Score:1, Funny)
Microsoft sux0rs really bad!
Which is just slightly harder to guess than "password".
No one will ever break my password! (Score:5, Funny)
Auto-completion (Score:1, Funny)
Re:No one will ever break my password! (Score:4, Funny)
Re:Biometrics (Score:4, Funny)
That's true
Re:Biometrics (Score:5, Funny)
Gummy Bears! Bouncing here and there and everywhere! Foiling security beyond compare! They are the Gummy Bearrrrrrrrrrrs.
Re:Auto-completion (Score:3, Funny)
[] Check this box to remember password
Re:One Question (Score:1, Funny)
(just kidding, im a sexually frustrated computer nerd like the rest of you.
question (Score:1, Funny)
Will Carrot Top go to jail?
This fella will probably suffer for disclosing (Score:3, Funny)
Multifactor auth is the only cure. I wish there was something available to implement it besides smartcards. Something that doesn't require a smart card reader and works everywhere, preferably something wireless within a few feet. You could do three-factor auth, even. This "something", pin code and biometric (fingerprint). That would be pretty darn cool.
Re:question (Score:2, Funny)
Let's hope so!
Re:Biometrics (Score:5, Funny)
Ooh...yea--that'll be the downfall of biometric authentication. Someone steals my retina and then all my accounts are 0wned for ever and ever...
Re:Biometrics (Score:4, Funny)
Good point, but anyone who wants to go through all that trouble is welcome to my slashdot account.
Re:Passphrases are MUCH easier (Score:2, Funny)
Re:Excellent! (Score:2, Funny)
-Jay
Re:Biometrics (Score:5, Funny)
Something I have... Smith and Wesson.
Something I know... How to freaking shoot.
Something I am... Bad MotherFucker.
*gets notepad* (Score:3, Funny)
Thanks.
Re:Passphrases are MUCH easier (Score:2, Funny)
Re:Biometrics (Score:1, Funny)
Typical Microsoft-style innovation (Score:3, Funny)
Patents pending.
Gummy bears?!? (Score:2, Funny)
I totally agree with them (Score:2, Funny)