in reply to RE: RE: Ethics of Passwords
in thread Ethics of Passwords

You're right, of course.

But I should have clarified my thoughts. Notice how I mentioned sticking non-alphanumeric characters into the mix? The scheme I mentioned would not work if it were used precisely every time. But I think it's a good general idea for generating passwords , at least for low-risk access, like desktop workstations in the marketing department.

Take a pseudo-random mix of letters that's pronounceable or has a meaningful association in case it's forgotten, and add several arbitrary numbers that have a pattern (like 6786 or 1641), stick in a punctuation mark or two, and you have a decent, hard-to-break password. But that's just common sense, I guess.

Of course, arbitrary-length passphrases are so much better and easier to remember...