it is my personal hunch that if users had just one password they needed to remember they could remember a good one. the janus stuff we
This approach is certainly commonly done by people for useability. However, the problem is that the best security you get is that of security provided by the weakest site (i.e., the weakest link the chain analogy). As an example, let's say that you use the same password to login to an online banking site (which really cares about security) and some random-dating site (which stores all unencrypted passwords in a big plaintext file on a rootable machine). An adversary trying to break-in to your bank account doesn't need to subvert the security of the bank site: He just needs to break into the dating site. No matter how many bits of entropy your password has, you lose. As a solution developed precisely for this problem, you should check out the pwdhash extension for browsers: http://crypto.stanford.edu/PwdHash/ Enjoy, --mike ----- www.michaelfreedman.org www.coralcdn.org