« Fokke & Sukke were also at that party | Main | Because Jeroen hasn't mentioned it yet... »


Sigh... it's happened again. I want to log in to a site I haven't been to in a while, and out of a very small pool of low-security login/password combinations, none of them work. I can find the password in an old, disused Eudora box, but I don't know the login name anymore. If I hadn't found the password in the Eudora box, I would not have been certain that the email address I'm going to ask them to send the login name to was still valid, or indeed what it might have been.
This is now the norm for most sites. Even the limited number of logins, passwords, and email addresses that I use for sites that don't affect my financial affairs or the running of my own web presences gives a number of combinations beyond my ability to remember, and the addition of random passwords like this site turned out to have given me makes it even more of a nightmare. My first thought on signing up for any new site these days is "oh, great, a new password to forget", and it usually takes me less than a week before I need the site to email the password to me. Passwords are, of course, emailed in the clear, so each email sent makes me vulnerable to identity theft.
People like Jakob Nielsen have been writing about password usability for a decade but I don't see any real progress being made in this area. (Replies mentioning Microsoft's Password initiative will be ignored. You don't think I'm going to entrust my private information to Microsoft, do you?)

Comments (7)

Garth Wallace:

Too bad email encryption never caught on, or emailing passwords wouldn't be a problem.


Password Safe is a open source password storage program. Just do a search on Sourceforge.net for password safe or password manager depending on you OS. Password Safe is appearently also available for Win based PDA's. And it uses the Blowfish encryption algorythm.

Don't know if that will help.

Might well. Thanks! I'll look for it when I have a little more time.


Index cards are open source as well. ;)

So's banging rocks together, and I don't carry rocks with me in the workplace either.


I keep all my online passwords in a text file on my home computer. The important ones (online banking) are not written out longhand, just a mnemonic for them.

So to keep my passwords secure, I keep my home computer secure. Using ssh, I'm able to login to it from anywhere, if I need to. Of course, I usually only need to know these passwords when sitting at my home computer, so it's no big deal.


You are welcome, hope it does. If not, there are sure to be many programs like it that might be better suited to your OS / tastes.


This page contains a single entry from the blog posted on January 13, 2005 7:40 PM.

The previous post in this blog was Fokke & Sukke were also at that party.

The next post in this blog is Because Jeroen hasn't mentioned it yet....

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.34