Following the same reasoning than the last post, we can conclude that if people can’t remember long or complicated passwords thay also aren’t able to remember more than one password at the same time.
What most people do is use the same password again and again, in different sites or even in his personal computer. So, if you want to get a password from a site where it’s quite difficult to do it, why not to try with another site which might be easier?
You can try to get the login password, the ISP password or any other one which is saved in the computer. If you have physical access to the computer there are some good ways to get them.
The first one is using ShowPassword. If you find a textbox where there are hidden passwords, which will be replaced with asterisks, these can be easily revealed with this program, only by executing it and moving the cursor over the textbox.
Another program from the same author is Protected Storage Viewer which extracts information from some hidden places in Windows. This can show saved passwords from Outlook, Internet Explorer and MSN Explorer.
We can see that it’s really important to have a good password policy and change it to something different in every place we need to create an account. One policy which can work is having a general password for some non-critical sites (as online forums) and custom passwords where security is more important (as in your bank).