Whoa. Six characters for your pw?Holy crap! You almost have my password. Mine only has 1 character more. Amazing.
It's cumbersome and I don't see how one would expect widespread adoption when people are still using passwords like "12345".
It's a new dance the kids are doing.What is a 2 Step verification?
I hate this shit on my credit card accounts.
Why the hell does paying my credit card need to be walled off with such strong security. If some random dude wants to pay my credit card bill for me, LET HIM!
Because one of your peers will quit and move on. Then in a couple years, he'll come back as a consultant at $200 an hour. He'll find the backdoor and other security risks, and look like a hero. Then he'll raise that hourly rate, because he is perceived as being so valuable.Reminds me of my work place, some systems need like 3 different passwords to get into.
OR
You can dialup to it and enter a 4 digit password. What's the point of all that security level if there is a backup backdoor that is barely secured? Though this is one of few instances where security through obscurity actually works, because nobody would even know how to do anything even if they did gain access.
You have a better idea?
login credentials could be handled via your web browser. You don't need to make or remember a password for each individual website because it would assign an encryption key that would get changed after each login.
The credentials can be handled by your web browser either through an integrated manager or an extension. Logging into that could be done either by two step verification, fingerprint and/or face scan, speech recognition, mouse/swipe gesture, keyfile, etc.
Passwords in general should be done away with or alternatives need to be introduced. 20 digit alphumeric passwords containing symbols are great but who is going to be able to remember one for each place they login to? Not to mention typing them on a mobile device is a pain in the ass. Key managers are great but they are entirely separate processed that take alot of time to setup which is why you're not seeing widespread adoption.
This is why people just go back to easy cheesy hackable password and you're not going to get people onboard to do something that will make a daily task cumbersome. What if an automaker decided to use two step verification to start their cars? People would most likely buy something else.
That's why it's not gonna work.
You don't need to make a unique password for every website/service you login to. That's just too much.
Reminds me of my work place, some systems need like 3 different passwords to get into.
OR
You can dialup to it and enter a 4 digit password. What's the point of all that security level if there is a backup backdoor that is barely secured? Though this is one of few instances where security through obscurity actually works, because nobody would even know how to do anything even if they did gain access.
No but using the same one for each is a horrible idea.