The sign up page is often the only education users get about passwords. Ask any user what they think makes for a strong password and find the response sounds like they’re reading off password requirements. Password requirements on sign up pages have spent years teaching users to make “strong” passwords when they should have been …
What’s more important? Password length, complexity, or strength? Neither. None of those things is as important as uniqueness of your passwords. Why Uniqueness Is The Most Important Factor? The reality is that you’re more likely to have someone obtain your password from a previous breach then someone to guess your password. Attackers know a lot …
If websites generated passwords for their users, it would fix so many problems. It would… Keep users from reusing passwords. Keep users from using weak passwords. Remove the anxiety of creating passwords. Show people they don’t need to remember every password. Be less complicated than doing 2FA. Be easy to write down. Speed up and …
It’s not every day I come across something so wrong about password managers that it moves me to write a response. Michael Horowitz writes the article in question, you can read it here The main point of the article is that password managers are bad, and using formula based passwords are good. I’ve already done …
Who do you trust more? 200 websites to store your passwords or yourself? If you’re not using a password manager, you’re trusting 200 websites* to secure your same or similar passwords. This is like living in a neighborhood where everyone’s house keys are the same. It’s only a matter of time before one house key …
If you don’t trust password managers or fear “putting all your eggs in one basket” then the peppering method is for you. Note: Peppering your passwords also have been called salting, secret salt, double-blind passwords, and password splitting but peppering is the more correct term so that is what we’ll use. How To Pepper Your …