Ask PG: What if I forget my password?
I tried to log today (just by now), but I forgot my password, I even forgot if I had signed a simple account or using the click pass (i finally logged by trying the different signs up and the Google one worked for me).
I wander why HN don't implement a simple Passowrd recovery application, that let you recover your password using your username and send you the password reset to email.
Or what if I did forget my pass??
47 comments
[ 55.0 ms ] story [ 413 ms ] threadpeople naturally tend to have a small number of cross products of usernames and passwords...once it gets too large we start forgetting parts of it.
a couple times in the past year i've forgotten my password for hn. after the first time it happened i wrote it down so i wouldn't lose my precious karma.
But it really feels like people are more stingy with upvotes, especially at the story level. Gone are the days of nickb getting ~1k upvotes from a single submitted story over and over, now it's a much more reserved upvote culture where you have to submit a lot more material and interact more to get those big numbers.
You don't see many buddhist monks creating successful businesses.
(I have not involvement with that site except as a user, but it's one of those things that I feel compelled to plug because it has made my life so much easier.)
--
This topic has come up many times on Slashdot... I'll share my digest of interesting link
Pronouncable Passwords :: http://www.multicians.org/thvv/gpw.html :: generate a memorable basis point, add unique randomness on top. Very good for teams where the secret 'salt' is shared, but you can remind teammates which password is used verbally
Keepass :: http://keepass.info/ :: Self encrypting db with GUI tools
Diceware :: http://world.std.com/~reinhold/diceware.html :: offline strong password generator
It stores an encrypted DB accessible via a master password, and it works great with something like DropBox if you use multiple machines. It also works w/ multiple logins per site.
If I'm ever logged out I will lose all my shiny karma points. Those ain't worth much, c'est la vie.
And I'd be fine with "nod" -> "Facebook" (e.g.) mapping being public.
Many websites should offer e-mail-less logons since it's simply not necessary to have password retrieval or anything but basic authentication.
It makes signing up much easier. Since convenience is generally the price of security, I appreciate it when a website affords me the convenience of using the correct level of security.