I wonder if this can be easily adapted to use texts from different languages. All of my passphrases are sentences with words taken from different languages. Even if this can be adapted to multi-language passwords, I imagine the sheer volume of possibilities will be exponential.
If passwords fall over (relatively) so easy when challenged, I'm curious why IT departments, particularly in sensitive areas, don't just mandate fingerprint scanners on terminals for logging in to systems/programs, on top of the Username/Password combos.
Totally agree, you can't rely solely on one single method because of limitations and the potential for it to be broken (passwords being cracked, fingerprints being copied and reproduced). I think you've raised one of the major issues though: sole reliance on one method for security. If you work somewhere where information security is critical, relying solely on user generated passwords becomes an issue in my opinion, as humans are the weakest point in the chain: we choose easier-to-recall passwords, or reuse them with minor changes in a pattern (password1, password2 etc). As a thought, what's everyones opinion on logging on to your terminal and program's with a mandated lengthy password, a swipe access card (ie the one used to get into the building) and a fingerprint scanner. The hardware is relatively cheap, and adds at least a couple layers to being manipulated by any would-be attacker.