My idea is for you to have to input a modified version of your password, with the modifications being randomly selected and instructions on a garbled image(similar to the verification codes often used for registering accounts). For example, they could include doubled password("Generic PassWord" turns into "Generic PassWordGeneric PassWord"), reverse capitalization("gENERIC pASSwORD"), double-characters("GGeenneerriicc PPaassWWoorrdd"), or any combination("ggEENNEERRIICC ppAASSwwOORRDD"). This would all but prevent your password from being guessed, via person or being brute-forced, and could even nullify key-logging sometimes.
-- Tempest, Jul 19 2005

You're saying they would be a new instruction for every logon attempt? This can work, but painful as hell.
-- theircompetitor, Jul 19 2005


Restrictions on passwords: "We're sorry, you've used that password before, choose another."
I was nearly whipped to a Luddite frenzy by that one.

My problem with the Idea presented is that it depends on alphanumeric input with caps optional. I feel that super-secure intranets may benefit by additional security, but that other users would just as much benefit from occasionally deleting their password files and re-establishing everything fresh.
-- reensure, Jul 19 2005



random, halfbakery