March 18, 2009 at 1:53 pm | blabbing.

I came upon an application recently that asked for a very specific password style and type when creating a user that I had to think: Is this password going to help or hinder me from accessing the program?

People get used to certain passwords and styles of passwords that they use and password styles that are outside of this are often the ones that you forget and have to do password retrieval. Security people at companies often wonder why people write down their passwords and put them on post-it notes or on scraps of paper on their desk. Its because they were not allowed to use a password that they can easily remember. Or maybe they just have so many different passwords to remember that they need a little reminder.

Passwords are all about balancing security with the ability of the person to remember their password.

Update: 07/13/09 – Nice post by Bruce Schneier on strong passwords. He quotes a HotSec paper questioning whether strong passwords really help or if they are just a hindrance to everyday users.