h a l f b a k e r yFewer ducks than estimates indicate.
add, search, annotate, link, view, overview, recent, by name, best, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
You type one and then the other, frequently with a tab key
inbetween. Technically, it's just one long string of keys you're typing.
Why not just make them one long string of characters you're
inputting into the same field.
[link]
|
| |
Not strictly - but what do you do when you want to identify a person without being able to impersonate them? |
|
| |
Or is this just about not typing a "tab"? |
|
| |
In that case, is xyz user "x" with password "yz", or is it user "xy" with password "z"? |
|
| |
Ian + Tindale =too long to remember? |
|
| |
The ID can be not the same as the login, the same as the
avatar pic is. |
|
| |
C'Mon IanT - give us an idea!. My answer to your question is "Yes!" |
|
| |
It's not so much about not typing the tab, but realising that
the tab is merely a vestigial ritual, really. |
|
| |
Ooops! - Ongoing annotation. If you are questioning the whole user/password scenario then best we discuss why it is unnecessary.
Lets start with the fact that someone has discovered your username and password and you want to change the password because of this. You would have to change/destroy the whole account in your scenario. |
|
| |
If the account identification is implicit in the password, passwords would have to be unique.
They'd also have to be longer - otherwise, it's too easy to guess *some* password of a million users. |
|
| |
From a tech support perspective, it helps if one can tell what a user who's trying to log in is trying to do; otherwise, one would be reduced to semantic analysis of passwords in a potentially very large search space. A little redundancy is a good thing. |
|
| |
The advantage is when you type it wrong. Then the computer tells you whether you just entered the wrong password, or the wrong username altogether. And in the latter case it's comforting to know that you're not in the process of locking yourself out of your account. |
|
| |
"the tab is merely a vestigial ritual" |
|
| |
What gnomethang said. [-] unfortunately. |
|
| |
Having said that, if you include "\t" in either username or password, the program could assume it has both. Works for cut and paste, otherwise easier to press [tab]. |
|
| |
what a sense of humour the boy has. |
|
| |
Provided there is another character not permitted in a username (other than tab) then this should work just fine. e.g. if a comma is not allowed then you could log in using: myusername,mypassword |
|
| |
Then again, typing an extra comma is much the same as an extra tab. In this concept would you replace the whole string with ******** or just the password part ? (how would you know where it started?) |
|
| |
The thing about the Logon [vestigial ritual] Password thing is that the ritual summons the asterisks. Without the ritual, the asterisks wouldn't appear, and without their properties of obfuscation, the password would become revealed. |
|
| |
If you wanted to do away with the necessity for the asterisks, you'd have to make the string of characters unique enough to identify you as you, and not someone who may have also typed in that specific string by mistake (or on purpose) - one way to do that might be to make the typed string exceptionally long, or, rather than typing, to automatically generate a long string from some unique and difficult to spoof property that you alone have - which is what fingerprints, iris scans and voice recognition is all about. But all that's doing is replacing one vestigal ritual (pressing tab) with another (pressing your thumb onto the pad) |
|
| |
* Would become obsolete :-( |
|
| |
[sorry iantindale, -] What [jutta] said and what if you forget your password or username? What do you type to get the system to send your correct details back to you? Just your password?
What if Ian's password is Tindale? What then, eh?! |
|
| |
The login is as it was, and the password is as it was. I just
type them one after the other without stopping, into the
same field, that's all. The field will most likely be obscured in
the usual password manner of bullet glyphs. I think if I can
manage to type my password that way I can probably also do
my login that way too, all as one continuous run of typing. |
|
| |
Make mine "FlyingToaster[TAB]mumble"... :) |
|
| |
Okay, it does make sense for some applications, most notably if you have an OS that parses on a keystroke-by-keystroke basis. You could then type: |
|
| |
C:\> login halfbakedapp FlyingToaster mumblepeg |
|
| |
and the system would parse on the keystroke or the word (separation key: space, tab, comma, period, etc) and automatically asterisk out the password.
Doesn't make much sense over the Internet if you want the password hiding ability though since you'd have lag on each keystroke. |
|
| |
So when I want to sign up to the new single username/password HalfB and I choose the same word as someone else what happens? Does the system say "Choose a new word" or make 2 identical accounts? If it's the former I can now hack into an account, if it's the latter how does that work? |
|
| |
Oh for fuck's sake, you just fucking make a new acocunt, the
same as usual, with a user name, the same as usual, then
choose a fucking password, the same as usual. How the fuck
could anything have changed in this procedure - it's the same
as it always fucking is. Fucking hell. |
|
| |
Having a bad day Mr T?
The problem that I see with this idea can be found at the bottom of each anno. In order to identify who posted a comment, the user name of the poster is displayed next to the comment. A website would have no idea which part of your login string was user id and which part was password. So, if your user name/password was a single string then, in order to identify yourself as the poster of a comment without revealing your password, you would have to have a seperate account id. Which sort of negates the point of the idea. |
|
| |
Sounds to me like his usual fucking day. |
|
| |
OK, so you're not changing anything about how the website works. There's still a separate username and password. The only difference is that when you type them in, instead of having to hit the tab key, you hit... the spacebar or something. Instead of hitting one key, you hit a different key. How does this save you anything? Are you worried that the extra input box is using up your screen's supply of input-box-drawing materials? |
|
| |
Or else you mean you don't hit *any* key in between... but then you've got problems as soon as the users "Bobby" and "Bob" choose the passwords "anyothername" and "byanyothername", respectively. |
|
| |
Most people are focussing too much on the username.
Assume the thing you type in is just a password. When creating an account, the security system insists that your password (naturally quite long) is 3 or more characters different to any existing (systems tells you "Your password is similar to some existing passwords. Please try something else" - keeps other accounts secure).
Your account still has username and other associated data, but to access it, only the password is required. |
|
| |
//Your password is similar to some existing passwords. Please try something else// - If an unscrupulous person were to receive that message, they might not bother signing in, and try to figure out what that 'close' password might be. I think it would be interesting to get a sample list of passwords for a given system and see how many of them are actually (or at least guessably) the same. |
|
| |
//Why not just make them one long string of characters you're inputting into the same field?// Because it wouldn't work. |
|
| |