h a l f b a k e r y
Ambivalent? Are you sure?
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
or get an account
My idea is for you to have to input a modified version of your password, with the modifications being randomly selected and instructions on a garbled image(similar to the verification codes often used for registering accounts).
For example, they could include doubled password("Generic PassWord" turns
into "Generic PassWordGeneric PassWord"), reverse capitalization("gENERIC pASSwORD"), double-characters("GGeenneerriicc PPaassWWoorrdd"), or any combination("ggEENNEERRIICC ppAASSwwOORRDD").
This would all but prevent your password from being guessed, via person or being brute-forced, and could even nullify key-logging sometimes.
||You're saying they would be a new instruction for every logon attempt? This can work, but painful as hell.
||Restrictions on passwords: "We're sorry, you've used that password before, choose another."
I was nearly whipped to a Luddite frenzy by that one.
||My problem with the Idea presented is that it depends on alphanumeric input with caps optional. I feel that super-secure intranets may benefit by additional security, but that other users would just as much benefit from occasionally deleting their password files and re-establishing everything fresh.