As a programmer and all round geek I spend a lot of my time thinking about user interfaces for normal people. This is probably the hardest aspect to programming.
Putting yourself in the place of a normal user is, basically, impossible but every programmer/ui designer attempts to do this EVERY day.
Why am I talking about this? Well my dad's hotmail account was hacked over the weekend and of course I was called to look in to it. Of course my first thought was that he had a weak password. So I ask him "How good is your password, does it contain numbers and puntuation?". He paused and said "No, it's a word, they asked for a pass WORD".
Now it's easy to think that this is my dad's fault. But when you think about it, he did exactly what was asked of him. He entered a pass WORD a single word. A word from the dictionary, that's where words come from for normal people.
No one programmer or designer has failed him. An entire industry asks to world for passwords. To the industry, this is normal. It knows what it means by password but to normal people it means a word.
With this in mind I've raised a ticket for New Metal Army to change the word password to pass phrase (after asking my dad what he thought it meant of course).
Linguistically speaking, you’re completely right. The word password is…well…a word.
Unfortunately words don’t seem to cut it anymore when it comes to security.
I work for Passpack which is an online password manager and our double authentication uses a ‘Pass Phrase’ and a ‘Packing Key’.
Changing the word sometimes makes the concept easier to understand.
Louise
Hey,
The question is, did you set him up with a strong password, including numbers, punctuation, etc? If so, make sure he doesn’t lose the post-it note with it on.
Tom
I did change his password and he wrote it in a little black book. I will be setting him up with Password Safe the next time I am around. Maybe I’ll give passpack a try.
Persoanlly I use 1Password which is an excellent plugin for OS X.