Why so many bad passwords? Because the rules allow them

[Highmac]

Sooz's password thread led me to this article in Government Computer News.

QUOTE

Users will chose(sic) the path of least resistance, particularly if they have to remember a password, so they’ll usually choose the easier three categories: upper- and lowercase letters and throw in a number. Hence, a lot of “Password1” — which, the report points out, meets the same complexity requirements as “X$nc*(24,” or any other combination that makes use of all five categories.

[Xairbusdriver]

Just like operating a motor vehicle, the most dangerous part is the nut behind the wheel! The most dangerous part of computing is the brain in control of the keyboard and mouse! Of course, people taking the path of least resistance is not a new behavior, either...

I stopped worrying about secure passwords when I learned about and started using 1Password many years ago. The name says it all. Basically, I remember one password to access the app (which is on my iMac, my iPhone and wife's MBP). The only other password I have to remember is for my computer.

I let 1Password do all the other remembering! I always use its PW creation settings to use a fairly long series of whatever characters the service will allow (some sites/companies don't allow punctuation ). I usually don't allow repeated characters nor "pronounceable" 'words.' Since 1PW does all the work and keeps multiple backups, I concentrate on other things. Many of those things include registration info of every important app I own (license #, purchase date/price, support site url, etc.). It also keeps my credit card data readily available and secure. BTW, I turn OFF Safari's Autofill function since it's not as secure as the same info in 1PW.

So, when you purchase 1Password, be sure to mention my name, I get a 15% commission on any sale with that reference. NOT! But I can dream.