Which becomes a problem if sites don't allow
passwords larger
than 10 to 15
chars (as if they couldn't make a MD5/SHA1 out of it...) :(
Or sites that force you to have a password between a short range of
characters (6-10? Really?), or sites that don't allow special
characters, or sites that only allow alpha-numberic. I have no clue why
some sites force you to use less secure passwords, but it drives me
insane. Password management on the web is in a terrible state.
OpenID isn't without it's share of security issues, but I think it at
least solves the password issue; I can't wait until I can use my gmail
OpenID everywhere ;).
V/r,
Ryan Lane