On Sat, May 6, 2017 at 12:30 PM, Gene Wirchenko genew@telus.net wrote:
set silly on Hey, maybe we can have cameras watching for body motions as passwords. Since throwing up one's hands about the password problem is not workable, throwing up one's hands can be the new equivalent of having a password of "PASSWORD". set silly off
Not so silly. There are password processes that depend on gestures that are under testing. The ability to click and swipe through a series of images is somewhat unique due to biomechanical parameters or personal habits. I've also seen proposed some sort of facial recognition. The sooner we get through remembering a dozen random characters, the better. That's just a waste of time.
I use a password manager that syncs encrypted data over the internet so I have the same set of passwords on different machines of different OSes (Windows, Linux, ChromeOS, Android) and browsers. But none of these make it easy for desktop or console applications; you need to query the manager, prove you're you, copy the password to the clipboard (insecure!) or try to manually type longish random strings. Double-bonus goes to sites that double-check with an SMS or similar. "Something you know (password) and something you have (cellphone)" makes for good two-factor authentication.