Security Basics mailing list archives
Re: Password Storage
From: c.brace () lamp ac uk
Date: 2 Aug 2006 11:36:21 -0000
Doug It all depends on the strength of the passwords that you are using, it's a fine balance between providing passwords that are strong enough to be effective, simple enough to be remembered by your users. No matter how simple your passwords are, you will have some users who will insist on writing their passwords down somewhere (Check desks, under keyboards, in their top drawer, on their whiteboard, in the pile of post it notes stuck to the side of their monitor) let's face it the only way that we are going to stop some users from writing them down is to cut off their hands. probably the best thing to do is to escalate the privaliges for their accounts as and when they are required. (OK this is slightly more admin work, but having those servers constantly available sounds like a bad idea) --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Password Storage, (continued)
- Re: Password Storage Rob klein Gunnewiek (Aug 02)
- Re: Password Storage Robert Larsen (Aug 02)
- Re: Password Storage Ayaz Ahmed Khan (Aug 03)
- RE: Password Storage Nicholas Fanelli (Aug 02)
- Re: Password Storage Greg Merideth (Aug 03)
- Re: Password Storage Saqib Ali (Aug 04)
- Re: Password Storage Glenn English (Aug 03)
- Re: Password Storage Kenton Smith (Aug 03)
- Re: Password Storage guhus (Aug 02)
- Re: Password Storage info (Aug 02)
- Re: Password Storage c . brace (Aug 02)
- Re: Password Storage Needs More Longcat (Aug 03)
- RE: Password Storage Del Thompson (Aug 02)
- RE: Password Storage Dunigan, Michael (Aug 03)
- RE: Password Storage Krpata, Tyler (Aug 03)
- Re: RE: Password Storage krymson (Aug 03)
- Re: Re: Password Storage mail (Aug 03)
- Re: Password Storage Doug W (Aug 04)
- What to look in IIS Logs on daily basis Bhattacharya, Ananda (Aug 04)
- RE: Re: Password Storage BARRETT,WILL (Aug 04)
- Re: Password Storage e . m . baechle (Aug 04)