h a l f b a k e r yWith moderate power, comes moderate responsibility.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Please log in.
Before you can vote, you need to register.
Please log in or create an account.
|
My idea is for you to have to input a modified version of your password, with the modifications being randomly selected and instructions on a garbled image(similar to the verification codes often used for registering accounts).
For example, they could include doubled password("Generic PassWord" turns
into "Generic PassWordGeneric PassWord"), reverse capitalization("gENERIC pASSwORD"), double-characters("GGeenneerriicc PPaassWWoorrdd"), or any combination("ggEENNEERRIICC ppAASSwwOORRDD").
This would all but prevent your password from being guessed, via person or being brute-forced, and could even nullify key-logging sometimes.
[link]
|
|
You're saying they would be a new instruction for every logon attempt? This can work, but painful as hell. |
|
|
Restrictions on passwords: "We're sorry, you've used that password before, choose another." I was nearly whipped to a Luddite frenzy by that one. |
|
|
My problem with the Idea presented is that it depends on alphanumeric input with caps optional. I feel that super-secure intranets may benefit by additional security, but that other users would just as much benefit from occasionally deleting their password files and re-establishing everything fresh. |
|
| |