Forgot your password?
typodupeerror
Security

Selectively Reusing Bad Passwords Is Not a Bad Idea, Researchers Say 280

Posted by Unknown Lamer
from the brain-full-try-again-later dept.
An anonymous reader tipped us to news that Microsoft researchers have determined that reuse of the same password for low security services is safer than generating a unique password for each service. Quoting El Reg: Redmond researchers Dinei Florencio and Cormac Herley, together with Paul C. van Oorschot of Carleton University, Canada ... argue that password reuse on low risk websites is necessary in order for users to be able to remember unique and high entropy codes chosen for important sites. Users should therefore slap the same simple passwords across free websites that don't hold important information and save the tough and unique ones for banking websites and other repositories of high-value information. "The rapid decline of [password complexity as recall difficulty] increases suggests that, far from being unallowable, password re-use is a necessary and sensible tool in managing a portfolio," the trio wrote. "Re-use appears unavoidable if [complexity] must remain above some minimum and effort below some maximum." Not only do they recommend reusing passwords, but reusing bad passwords for low risks sites to minimize recall difficulty.
This discussion has been archived. No new comments can be posted.

Selectively Reusing Bad Passwords Is Not a Bad Idea, Researchers Say

Comments Filter:

Make headway at work. Continue to let things deteriorate at home.

Working...