Braindump

Get this stuff out of my head.

Secure Logins That Aren't Secure

| Comments

I’m becoming more irritated by organisation who are failing to understand that their secure login systems are anything but. Any organisation provides me with a ‘secret’ number or a passphrase (or restricts what passphrase I can use) that I have to remember to login is effectively putting my data at risk by forcing me to write that passphrase down.  I can remember pin for my debit card and another one for my credit card, the password for my email is easy as I use it everyday), being asked to remember 2 more numbers (not of my choosing for an online account I use once every 6 months… Why would I?  How could I?  So I write it down… and remove any semblance of security! If they can’t pick-up on the OpenID movement couldn’t they at least have the decency to let me choose my own damn password?

Comments