When my wife came home with the new T-Mobile G1 (the Google Android-based HTC Mobile phone), I took a peek at it and thought it was pretty cool.
One thing that caught my attention immediately was the password feature to unlock the phone. Instead of typing in a PIN like I do on my Windows Mobile phone, my wife uses her finger to make a pattern on the grid. Instead of a PIN that someone can guess with enough tries (granted, my phone wipes itself after 8 tries), you can put in a pattern on the grid which is nearly impossible to "guess"... that got me thinking.
With all the hacking that's happened in the past several weeks, most notably the annoying Twitter hack that filled up my news inbox... and all the associated "passwords" talk that went around - I wondered what would happen if Twitter had this same kind of security as my wife's G1. Interesting.
What I have been saying for at least 2 years now, and I'll repeat here again, is this: passwords are so 5 years ago. Designers of software and systems need to move beyond passwords, no matter how complex, because they're all useless. So many attacks, password-stealing trojans and other attacks would be thwarted if the designers of these systems simply thought a little more intelligently about the security of their system.
Sad, really... a consumer-based handset has better security than most high-technology, high-volume, high-net-worth, high-security web sites.