Why we should scrap 'dumb passwords' in favour of smarter security
If longer passwords are not the answer, but we still need to authenticate ourselves, why not dispense with passwords altogether?
Why we should scrap 'dumb passwords' in favour of smarter security
If longer passwords are not the answer, but we still need to authenticate ourselves, why not dispense with passwords altogether?
Problem is not the passwords but the programmers/Sites directly and can be solved with a simple 2 words.
Time out!. (3 to 4 Strikes and you have to wait 2 hours or a day before you can try again). <-- now try and run your brute force against that, No way you gonna get it in a week, no matter how big a cluster you have cause you will have to wait for the next day to try the next set of 3 words.
Bio is also not an answer. If a password gets cracked you can change it.... what do you do when someone copies your iris or fingerprint. We can not exactly go swap our eye's out for new ones.
Check out MyGaming Steam giveaways and
The idea of biometrics as a password is already obsolete.
http://mashable.com/2014/12/29/fingerprint-photo-copy/
Biometrics are usernames not passwords as they cannot be changed.