I ran into this article about using Ink Blots to make passwords on Microsoft Research’s site and it got me thinking about security and privacy. I think the only bastion of true privacy these days is in the mind. Social Security #'s, mothers maiden names, pet names…its all just demographic data that is in the wide open. So for the common user, trying to remember a strong password (numbers, letters and punctuation) is just too hard.
Maybe Biometrics are the answer. Fingerprints can’t be faked…or can they be? Maybe not by the casual user, but they can be faked. Anyone who got arrested for a petty infraction has their fingerprints in the ‘system’.
I think this article is on the right path…passwords based on very private thoughts, not information that is in the open somewhere.