User authentication… If there is a long and never ending story, it is definitively this one! All of us have plenty of passwords to write on post-its keep in mind.
They are several ways to increase the user authentication safety. By forcing very difficult passwords and learn them, by using strong authentication or by using central encrypted repositories like KeepAssKeePass or 1-Password. Each of them has pro and con: a central repository requires access to another computer or online system and strong authentication (remember, something you know, something you have or something you are) is often expensive (example: tokens).
PasswordCard.org tries to provide strong authentication at an affordable cost: a personal password card and a simple code per website or service you visit. Just browse the passwordcard.org web site and print your randomly generated personal card. Random characters are printed on it and are basically your future new passwords. To select a password, just pick up a symbol (from the top-row), a color and a password length (like any password, the password quality will be directly related to its length). You just have to keep in mind the relation between your protected resource and the code. Here is an example based on the card above:
To connect on your Gmail account, the light-green smiley 8-characters password is “pWsxvekQ”
Of course, the card can be read from left to right or from top to bottom. It’s a fact, the human brain must be trained to easily remember long strings of characters: The combination of a color/symbol uses the visual memory to help our brain to remind just the password location on the card. The system looks good but cannot be used in all cases: some very strong password policies are not compatible with the card (no special characters are printed on it). Not pretending to be the ultimate solution to solve the user authentication issues, passwordcard.org is a good initiative for people who have lot of strong passwords to remind, old or non-technical people.
Note: a code is also provided to regenerate your card if you lost it (to be kept in a safe location place of course!)
LOL! Indeed… What did I have in mind while write this post? 😉
mmm… KeepAss and KeePass is not the same.. 🙂