[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029

[Stephan Neuhaus]

On 4/18/25 16:38, Kent Borg wrote:
>> Arguably, blanking passwords actually makes things worse because [...]
> [...]
> 
> That is part of why I am a fan of horse-stable-battery style login 
> passwords (https://xkcd.com/936/).

To throw a bit more data into this mix, a student and I once did a (very 
small) study of how well people could type various kinds of passwords on 
mobile devices: Random letters, correct-horse-battery-staple-type 
passwords and one other type that escapes me at the moment. We did not 
find a significant difference in the accuracy, speed, or number of 
corrections between masked and unmasked passwords, but the statistical 
analysis was exploratory only (because we felt that doing some null 
hypothesis testing on an n=10 study would not be entirely honest).

You can find the paper here:
https://dl.acm.org/doi/10.1007/978-3-030-22351-9_5

Fun

Stephan