Applying Pavlovian Psychology to Password Management 288
Ars Technica reports on an interesting and sensible-sounding approach to password policy that I'd like to see adopted just about everywhere I have a password (which, these days, is quite a few). An excerpt:
"For instance, a user who picks "test123@#" might be required to change the password in three days under the system proposed by Lance James, the head of the cyber intelligence group at Deloitte & Touche. The three-day limit is based on calculations showing it would take about 4.5 days to find the password using offline cracking techniques. Had the same user chosen "t3st123@##$x" (all passwords in this post don't include the beginning and ending quotation marks), the system wouldn't require a change for three months."
Why not? (Score:5, Funny)
Include the quotes, and be even more secure!
I just read an interesting story about Pavlov. (Score:5, Funny)
.
Re:Proliferation of two-factor means (Score:4, Funny)
Why do you hate America?