Password Sanity

The Center for Password Sanity


When I was doing research for my book Authentication a few years back, I came to realize just how crazy password management has become. The rule comes down to this:

The password must be impossible to remember and never written down.

This is, of course, ridiculous. The ideal password has to be both memorable and hard to guess. Ideally, a password should be hard to crack, which means that it even takes a computer a really long time to guess it.

I wrote up some comments about this in a part of my web site called The Center for Password Sanity.


Note that some of this material may be reproduced under a Creative Commons license, while the copyright for some material is held by Addison-Wesley, the publisher of Authentication.


Get every new post delivered to your Inbox.

Join 46 other followers