I have various passwords on various systems, as you do...
For our main internal systems I regularly change my password and have, until recently, used mkpasswd to create a password with letters, digits, symbols and so on. Obviously I don't use this password on any external systems.
I would make a point of manually changing the password on various systems so I had to type it many times - even so it would take me a few days to remember it, and so risk shredding the post-it!
Recently I changed to using an XKCD 936 password. This is four random words (adjective/noun/adjective/noun). This is long, but has lots of entropy so is a good password. It is important they are random words and not four words you pick yourself in order for this to be a good password.
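As an added illustration (not code from the original post), the following draws an adjective/noun/adjective/noun passphrase with Python's `secrets` CSPRNG and computes the entropy that uniform random selection provides. The word lists are short constructed samples and the function names are hypothetical; real lists would need to be far larger, as `min_list_size` shows.

```python
import math
import secrets

# Constructed sample lists (assumption: illustration only, far too small for real use).
ADJECTIVES = ["amber", "brisk", "calm", "dusty", "eager", "faint", "glossy", "hollow",
              "icy", "jolly", "keen", "lumpy", "mellow", "narrow", "odd", "plain"]
NOUNS = ["anchor", "basket", "candle", "dragon", "engine", "feather", "garden", "hammer",
         "island", "jacket", "kettle", "ladder", "magnet", "needle", "orchard", "pebble"]


def _unique(words):
    # Duplicates would make some words more likely than others and lower the entropy.
    return sorted(set(words))


def generate_passphrase(adjectives=ADJECTIVES, nouns=NOUNS, sep=" "):
    """Pick adjective/noun/adjective/noun, each uniformly and independently."""
    slots = (_unique(adjectives), _unique(nouns), _unique(adjectives), _unique(nouns))
    # secrets.choice uses the OS CSPRNG; random.choice is not suitable for passwords.
    return sep.join(secrets.choice(words) for words in slots)


def entropy_bits(adjectives=ADJECTIVES, nouns=NOUNS):
    """Bits of entropy, valid only when every word is a uniform random pick.

    Words a person chooses themselves are not uniform, so this figure
    does not apply to a hand-picked phrase.
    """
    a, n = len(_unique(adjectives)), len(_unique(nouns))
    return 2 * math.log2(a) + 2 * math.log2(n)


def min_list_size(target_bits, words_in_phrase=4):
    """Smallest per-slot list size for which the phrase reaches target_bits."""
    return math.ceil(2 ** (target_bits / words_in_phrase))


if __name__ == "__main__":
    print(generate_passphrase())
    print(f"sample lists give {entropy_bits():.1f} bits")
    # 44 bits is the figure quoted in XKCD 936 itself.
    print(f"44 bits needs {min_list_size(44)} words per slot")
```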
The first thing I noticed is that I remember it - no need for a post-it note at all. That is to be expected and exactly what Randall was saying in the cartoon. I was able to create a contrived mental image to remember it, just like correct horse battery staple (no, that is not my password).
However, what is interesting is that I still had to think about typing it after days or even weeks. I.e. I knew the password but my fingers didn't. I am now just typing it without thinking, at last, but that took a lot longer than with the old shorter passwords. I suspect it is simply a matter of the length. Not really a problem but an interesting observation.
Another quirk I have noticed. With the old passwords I would immediately forget my old password when I made a new one. This was such an issue I would have to write down my old password just in case I had not updated something and needed to know it later. I cannot recall any of my old passwords from that system. But what is odd is that the new XKCD 936 password is not replacing the old password in my memory. I still remember the last mkpasswd-based password and my new XKCD 936-based password at the same time. They obviously use different parts of the memory somehow.
The old passwords appeared to be remembered in the way they are typed, so much so that to say my password (which you never do) I would have to think about typing it and realise what keys I would be pressing.
I will change to another new XKCD 936 password at some point, and I wonder if I will forget the previous one or not. That will be an interesting test.
We will probably be moving to a system of OTPs for many internal systems in future - with keyring code generators. Shame, as I am starting to like the XKCD 936 passwords.
Isn't it funny how the brain works sometimes.