Computer generated passwords versus complicated passphrases
Published: Wednesday, May 20, 2020 written by Andy Flagg
View Count: 75
Keywords: Passwords, Computer Generated, Passphrases
In 1999, I started using no passwords at all for some ecommerce systems development since orders were received, processed and discarded from online systems and kept in offline archives. The need for a password was irrelevant because the recipient did not have to have an email address nor anything more than shipping information and payment information, and of course, order details.
In 2001, we started seeing complex passwords spring up and I dismissed that concept because the creators knew nothing about AI and password hashes and cryptography - ergo, they thought password length of 13 or more of random generated characters was strong - boy were they wrong. It takes a computer to hack a computer, and they do think alike.
Because of that stupidity, that is when I stepped in with no passwords or just passphrases that were keyed with a special chacater such that hacking tools would be fooled and forced into a no find scenario.
Fast forward 20 years, the powers that be, are finally catching on and figuring it out as a business rule and best practice, and the hackers and complex machines still cannot figure it out - why, because it's unique, long strong and easy to remember yet hard to figure out.
more to come...
if you found this article helpful, consider contributing $10, 20 an Andrew Jackson or so..to the author. more authors coming soon
FYI we use paypal or patreon, patreon has 3x the transaction fees, so we don't, not yet.
© 2020 myBlog™ v1.1 All rights reserved. We count views as reads, so let's not over think it.