So, my place of employment (a quick Google search should clear up the mystery) has just implemented challenge questions for their new password retrieval system. Now, on top of auto-expiring our passwords every six months (Grrr!), we are required to know the answers to odd questions. This is becoming common practice everywhere, so I guess there's no getting away from it. But other places (like my bank) let me choose two questions from a list of thirty or so. Not here. No, I must provide:

1. My favorite historical figure.
2. My best friend in grade school.

No choices, those are the questions.

They do let you create your own challenge questions, too, but you must also fill out the two they require. So, while some of you may be able to nail down your favorite historical figure, and some of you may have kept in touch with some chum from when you were seven (and I expect the misbegotten programmer who chose these two questions can do both), I can't, and I haven't. Which means, I have to choose a historical figure, and designate him or her as "likely to have been picked as my favorite". Same with my grade school pal.

Of course, the obvious answer for the historical figure is Jesus, and I would be willing to bet that a large majority of our white, Christian community has chosen Jesus. For that matter, the answer to the second question could readily be Jesus, too. Which led me to think about the two DIY challenge questions, and how I might make it easier on myself if I should forget my password...

1. My favorite historical figure: Jesus
2. My best friend in grade school: Jesus
3. The Son of God: Jesus
4. The answer to all these damn questions: Jesus

Try it, you might get lucky.

When I set my phone to vibrate I'd like to be able to set an expiration time for that. Say, for two and a half hours, if I'm at the movies. After that period has passed, the phone sets itself back to what it was before. Then I don't have to remember to set it back to ring, and I don't miss a bunch of calls the next day.

For all I know, there are phones out there that do this, but I'd like to have one.

It's password renewal time at work, and it's got me thinking about the best possible password. All the tips, tricks, literature, guidelines, rules, and automatic generators are obsessed with creating strong passwords. And that's fine, I gave up easy-to-remember passwords a long time ago. But there's another characteristics of a good password that nobody has yet addressed.

How easy is a password to type? How many times do you have to hold shift down? What about on your iPhone? How many times do you have to flip back and forth from one key layout to another? One password I have makes me flip no less than five different times.

That's a pain in the ass.

I'd like to see this become a new metric in password generation. Let's call it "typability."

Here are three examples of 8 character passwords, rated "Strong 100%" at some Google-found password checker site.

1.)%i}'4[V

OMG. The generator I used for that one suggested you "remember" it this way, ") % ipod } ' 4 [ VIRGIN" to which I can only say... no. Plus, talk about hard to type. On a keyboard, that takes three trips to the Shift key, so five layout changes, or to put it simply, this 8 character password takes 11 keystrokes. On the iPhone, it takes 17 taps (!), shifting virtual keypads eight times! Talk about awful.

2.QW34+)(p

I came up with this one myself, moving roughly left to right on the keyboard, trying to stick with the shift key. On the keyboard it takes two visits to the shift key, so only three layout changes, and 10 keystrokes. But because the keys are close to each other, they are easier to type quickly. Does that make the password easier to crack? Possibly, but I don't really know. On the iPhone keyboard, it takes 14 taps, shifting the keypad four times. Marginally better than the above. I'd remember this one as "Qwerty p".

3.aS1$&:9'

I came up with this one, too, but on the iPhone. On a physical keyboard, it takes two shift key strokes, and 10 keystrokes, which is the same as the above (though it seems faster to me). But on the iPhone it takes only 10 taps, shifting the keyboard only once. Of course, I'd have to remember it as "assy sand ought nine uh" so that's probably a problem.

So, I'm looking for a strong password generator that can also produce passwords that are easy to type on a keyboard, an iPhone keyboard, other keyboards (though I don't personally care about them), and has mnemonic/memorable clues. I am curious about whether typability compromises password strength, too.

Anyone up for that? Lazyweb?

Got me some new kicks today:

My first time shopping for shoes online, after years of watching over Aprille's shoulder. I went to a local store (a big box, not a local shopkeeper) and fitted myself for some Adidas. Size in hand, I went online to Zappo's, and bought exactly the style I wanted (which they did not carry at the store I visited) in the size I needed. Two days, cheap(ish), with a liberal return policy. This is how to buy shoes.

For the interested: Adidas Originals Samba. Which is not to say the original Samba, which has a really long tongue you essentially have to fold over.