Perhaps you’ve seen this recent XKCD about password choice?
It prompted a spirited debate – even on our very own Security Stack Exchange – about the merits of the argument presented there. Now, to be clear, I’m completely on Randall’s side here; I’m all for passphrases over passwords,
Back in summer 2008 when we were building Stack Overflow, I chose OpenID logins for reasons documented in Does The World Really Need Yet Another Username and Password:
I realize that OpenID is far from an ideal solution. But right now, the one-login-per-website problem is so bad that I am
As we continue to work on the code that will eventually become stackoverflow, we belatedly realized that we’d be contributing to the glut of username and passwords on the web. I have fifty online logins, and I can’t remember any of them! Adding that fifty-first set of stackoverflow.
Dare Obasanjo’s May 26th thoughts on the Facebook platform contained a number of links to the Facebook API documentation. At the time, clicking through to any of the Facebook API links resulted in a login dialog:
It struck me as incredibly odd that I had to login just to
I’m no fan of the classic login/password scheme. I can barely remember any of the zillion logins and passwords I have. More often than not, I end up using the “forgot password” link. Which means, in effect, that my email account is my global password. And if you’
I have fifty online logins, and I can’t remember any of them.
What’s my password? I can’t use the same password for every website. That’s not secure. So every password is unique and specific to that website. And what’s my login name? Hopefully it’s