Sophos Cloud Optix
On the face of things, human nature being what it is, it sounds like it might actually work.
Encourage people (well, let’s be honest.. guys) to use stronger, more secure passwords by incorporating a graphic of a stripping woman.
The idea dreamt up by the developers at Platform45, and as explained by the chaps at TechEye, is that users are rewarded for choosing strong passwords by displaying a pixelated image of a woman who strips off more clothes the better the password.
Before you start imagining that this might be somehow titillating, check out the animated graphic I made:
Yes, this stripping woman is definitely a throwback to the 8-bit era of computing.
My beef with the idea is not whether the idea is chauvinistic or not, but rather whether it really helps with security.
A pixellated stripper might be enough to encourage you to use a more secure password – but does she take her clothes off too easily?
I tried a series of passwords on Naked Password’s demo page, only to be mightily let down by how easily the woman could be encouraged to strip down to her undies and beyond.
For instance, a dumb password such as “123456789” was enough to get her topless – but I certainly wouldn’t suggest that that is a strong or sensible password for anybody to use.
The idea of “Naked Password”, therefore, may cause some wry smiles in IT departments – but don’t rely upon it as a sensible way to encourage your staff to use better passwords.
If you do want to encourage more sensible password choices, watch this (non-naked) video I made describing how to choose a hard-to-crack password that’s easy to remember:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)
Chauvinistic or not, I think it's hilarious. And really, the question of whether or not it actually helps makes passwords stronger just goes back to the code powering it. Tweaking the code so that it requires some level of entropy (so that she doesn't take anything off for 123456789, etc) wouldn't be that difficult, similar to the way the more sophisticated javascript "password strength indicators" work.
If you can explain method that to my mother in law then most people can use it. All you are promoting is for the user to write them down, basically moving the security to the user.
Why not just have them enter the full sentence
I do a 24+ character password that is a sentence, think about a high school sweet-heart and describe what you did, the more sexual the better.
You won't write it down nor forget it.
you will smile each time you enter it and most importantly you won't tell anyone what it is.
I have Xampp for testing WordPress files and theme files installed on my computer, for my website and because I use the same machine also for banking I take security absolutely seriously. Thanks for the help info and for rising the awareness.
I made an open source password generator using Microsoft Online Safety algorithm to check password strength. Source and application is available here : http://passwordgenerator.codeplex.com/
Might help that poor stripper from getting cold 🙂
When i just put in a random password with symbols, she took all of her clothes off.