Could someone make an app that can recognize who the user is and give him a mulligan if he gets one or two letters off in his/her password?
I’m having nightmares remembering all my passwords and I usually click on “Forgot your password”.
Observing members:
0
Composing members:
0
9 Answers
Not that I know of any “superb” app like that… If you have troubles remembering your passwords, why don’t you just note them down? Either on your computer or your phone or anywhere convenient.
I suggest you note down like this:
<The website>
<Your username>
<Your password>
For example:
Fluther
Username: talljasperman
Password: password
Too easy to spoof, and too vulnerable to certain forms of cryptographic attack, so not just no, but HELL NO!!!
There are password managers that will keep track of all your passwords for you, but the fact that most sites give you 3–5 attempts before locking is enough of a Mulligan, and that lock is actually to prevent “brute force” attacks like the ones you see in movies where a top-secret mainframe gets hacked in seconds.
There’s a balance between security and convenience, and the inconvenience of multiple passwords is the price we pay for adequate online security. Make it convenient for yourself by using the same password everywhere, and it’ll be convenient for anyone who hacks into any site where you have an account to clear out your bank account.
Just write them down and pin it to a wall.
Such an app would have to have access to the plaintext of the stored passwords.
Which means either that the passwords have to be stored locally, in which case you might as well use a password manager, or it would have to gain access to the passwords stored on the remote server. To do that, the app would not only have to be able to automatically log into the server as an administrator, it would also have to be able to decrypt the stored passwords (unless the server stores the passwords as plaintext, which is just stupid)
That is not only a security risk, the likes of which has never been seen before, to you, but also to the owner of the server and every other user. No service provider in his right mind (except the various spy agencies, who would love such a tool) would cooperate with the developer of such an application, so a legitimate login into the server to read the password is out of the question.
What you are left with is having to make an automated, universal hacking tool, which is not only almost impossible to do, but also enters into the realm of illegality.
So the answer is , ‘No’.
Apply pen to paper instead.
I use a password manager. I only need to remember the one password for that app. Once I’m in the app, I can create and store complex passwords or manually enter and store the passwords I already have. The app lets me copy the password, so I can paste it into the password field on the website I am trying to access. The password manager I use works on my mobile devices and my computer, and keeps the lists synced.
There are free online password managers you can download. I used to use Contact Keeper but since then I have just written every single login username and password I use. I know people tell you not to write them down but there really is no other efficient way to remember everything, not unless you have an eidetic memory.
We have a “green spiral-ring notebook” with almost a hundred passwords between my wife and myself.
I use a password manager (SplashID). I use simple algorithm to generate passwords for each website I go to, that way they are easier to remember.
Response moderated (Spam)
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.