whilst i concur with the premise that passwords should die, saying that xkcd-passwords are hence incorrect would be like saying.. hi-dpi monitors are not better than their low-dpi predecessors - we should be using direct computer/brain interfaces.
obviously, xkcd-passwords are an improvement, in many aspects, over the passwords many people tend to pick. but until a reliable, secure, and proven alternative shows up (which i'm hoping it will), there's no need to muddy the what-makes-a-good-password waters.
obviously, xkcd-passwords are an improvement, in many aspects, over the passwords many people tend to pick. but until a reliable, secure, and proven alternative shows up (which i'm hoping it will), there's no need to muddy the what-makes-a-good-password waters.