It’s the classic problem of having “too many keys”. You have accounts on many different web sites. Some are small and relatively insignificant, from a security point of view, like blogs or shopping sites. Some are large and sensitive, like banking and PayPal accounts. Since unified login mechanisms like OpenID are not yet pervasive, you must remember the usernames and passwords for every single site. This is a truly daunting task.
Ideally, you would like to use passwords that are “strong” (i.e. very good, not easily guessable) and different for every site. However, how can you remember each secure and unique password without resorting to a “cheat sheet”?
Read the rest of this post »