- Rely on multiple factors including your damn smartphone?
Posted: Thu Feb 13, 2025 6:14 am
This race for complexity is unfortunately counterproductive, because it comes up against human limits.
From then on, users will no longer remember passwords but use avoidance strategies.
However, the initial purpose of a password is to be memorized and not to be kept on some paper or shared on several sites!
It is therefore preferable to opt for a strong password, which will be kept for longer, than to add rules to rules and, in the end, have supposedly strong passwords that are changed every 3 months. Of course, the other solution is switzerland telegram data to have a password manager… But who has one? And the latest successful attacks against the companies that publish these managers raise the question of trust.
In this impasse, what is the solution? It is difficult to say it with confidence…
On the other hand, trying to make passwords inhumanly complex, in the first sense, seems to me to be a futile approach.
Moreover, ANSSI, your reference organization in terms of security, corroborates this analysis.
From then on, users will no longer remember passwords but use avoidance strategies.
However, the initial purpose of a password is to be memorized and not to be kept on some paper or shared on several sites!
It is therefore preferable to opt for a strong password, which will be kept for longer, than to add rules to rules and, in the end, have supposedly strong passwords that are changed every 3 months. Of course, the other solution is switzerland telegram data to have a password manager… But who has one? And the latest successful attacks against the companies that publish these managers raise the question of trust.
In this impasse, what is the solution? It is difficult to say it with confidence…
On the other hand, trying to make passwords inhumanly complex, in the first sense, seems to me to be a futile approach.
Moreover, ANSSI, your reference organization in terms of security, corroborates this analysis.