I don’t understand this one. The reason many (most) sites require you to confirm your password is to ensure you typed it correctly when creating your password, otherwise a typo would prevent you from logging back in correctly later. We’ve all “fat fingered” a password before. That simple confirmation step prevents it on creation. How does entering my password twice when logging in provide any additional security? If the password is compromised, the extra field does nothing.
I presume the reason is to make Quicken look/feel more secure than it really is.
I should note that I like Quicken. I like it enough that even though the native Mac version is so disappointing on paper that I never purchased it, I did I purchased the Windows version and continue to use it there. I think that demonstrates my not hating Quicken. It does however have its quirks that just make me wonder what they were thinking.
How to clone ePassports (the ones that use RFID).
Yet another piece of evidence that shows the technology is not ready for prime time. I’ve mentioned several times before what a failure RFID deployments in high security situations has been. This is just another example.
[Via Bruce Schneier]
Love the password manager? Previously I provided a tip for haters. Here’s one for the lovers. Use a master password, this allows you to use one password to provide security, but without needing to remember all those others you have. To set one go into the
“Tools” menu and select “Options” and click on the “Security” tab. Now check where it says “Use a master password”. You’ll be prompted to create one. It will even show you how good your password is.
If you need help generating a good secure password, check out SafePasswd.com.
An interesting perspective on 20,000 Passwords. As noted in the comments, the data collection skews the results a bit, since most people who fall for phishing scams aren’t knowledgeable enough to know a good password form a bad password.
But it’s possible to generate a safe password with ease even if your not a technically inclined ;-).
Password Manager forgets password when checking mail might be the most annoying bug in the entire world.
Thankfully David Bienvenu seems to have found a fix.
Hopefully 1.5 isn’t ready yet, so we can test this on 1.6, and perhaps get it in for 1.5? What do you say Asa? Any chance?