Quote:
Originally Posted by Freeshadow
That. The best long ones are alphanumeric string abbreviations of complete passphrases. An example:
"My mistress eyes are nothing like the sun" becomes:
|
This doesn't solve the problem for people with many passwords though.
If you only have 5-6 passwords to remember it may make it easier for people to remember them. If however you use quite a few web forums or different shopping sites the number of passwords grows rapidly and then you either use the same phrases for a few sites or have an issue remember which phrases you used.
A light internet user may have only a few passwords such as computer login, email, facebook, maybe a phone web login, a bank and credit card login. That's 5-6 but doesn't include web forums, shopping sites, device accounts like Apple ID, gaming passwords, phone pin, bank and cc pins and so on. It doesn't take much before the number of passwords an internet user needs to remember has grown to quite a few.
Add in sites that require you use at least one upper case, one number, or two uppercase or other site specific rules and you have to then remember how you adjusted your phrase to account for that.
I'm basing this not just on my own opinion though, but also an admittedly minute sampling too, a few friends used the method you suggested
One still uses it, but they only have a couple of logins. The others stopped after they hit double figures on passwords.
That said, IF a person finds it easier to remember lots of phrases and it helps them use longer slightly more random passwords, then it's a step in the right direction because the biggest threat login wise atm imo is either brute force login attempts or brute forcing of stolen hash DBs. Unless you get a trojan of course