On Sun, 6 May 2007, Blu Aardvark wrote:
Passwords should be /required/ to be at least six characters in length and contain at least one letter and one number. Most other popular sites do at least this. (If such a change were made, users with passwords not meeting this requirement could be prompted to change theirs upon the next login.)
Which means they'll *have* to use the same password on multiple web sites. It's just impossible for a human being to dozens of different arbitrary sequences of characters needed to get around on the net these days.
You can choose between crackable passwords, and passwords that anyone who runs a web forum and logs passwords can just type in. There are no other options.