Random Passwords in the Wild
Interesting analysis:
the hacktivist group Anonymous hacked into several BART servers. They leaked part of a database of users from myBART, a website which provides frequent BART riders with email updates about activities near BART stations. An interesting aspect of the leak is that 1,346 of the 2,002 accounts seem to have randomly-generated passwords-a rare opportunity to study this approach to password security.
Daniel • October 20, 2011 7:04 AM
This highlights something I’ve suspected for a while now. Complex passwords don’t really have much benefit for online systems, there are to many other things that can (and do) go wrong and there are other controls which are fairly effective at any sort of password guessing attacks.