Changing gears slightly from the recent thread on protecting secrets from hackers and the NSA, I want to mention an approach to password security that I find very attractive: http://www.scientificamerican.com/article/memory-trick-increases-password-se... What I really like about this proposal is the way in which it makes use of things human brains are good at memorizing (namely images and stories) and builds them into the protocol. It also turns out that there's some combinatorial design theory involved with trading off ease-of-use against security, and trying to maximize the number of distinct passwords the system can create without burdening the user with memorizing too many Person-Action-Object sequences. For more information, check out https://www.youtube.com/watch?v=z4e5VImjc0Y . Jim Propp