It makes no sense to force users to generate passwords for websites they only log in to once or twice a year. Users realize this: they store those passwords in their browsers, or they never even bother trying to remember them, using the “I forgot my password” link as a way to bypass the system completely — effectively falling back on the security of their e-mail account.
Bruce Schneier, “Security Design: Stop Trying to Fix the User”, Schneier on Security, 2016-10-03.
July 24, 2018
QotD: Passwords