I know competent adults whose login flow for most websites is “forgot password.” Might be better off writing your passwords on post it notes at that point.
I know competent adults whose login flow for most websites is “forgot password.” Might be better off writing your passwords on post it notes at that point.
I've seen a few sites where the login flow is simply entering your email address and you get a time-limited login link sent to you. You never create any password at all. I was skeptical at first but I've found it seems to work pretty decently.
This could not be a more picture perfect example of a Wirth-suboptimal engeneering decision as per the article if it were designed for that. The amount of slowdown to run to the emails, wait for reception, open, copy, paste instead of using the sensible flow of password manager integration is huge. But people will use wasteful processes if they just don't need to change them, so what are you gonna do?
Whenever some website asks me to use specific weird characters in my password. I have to write it down on a post-it note and put it in the top drawer of my desk.
The irony is that the websites which require such passwords are often low-importance.