funsec mailing list archives
Re: 1 in 3 workers write down passwords
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Tue, 17 Oct 2006 21:45:47 -0400
On 10/17/06, Ron <iago () valhallalegends com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dude VanWinkle wrote: > One in three workers jot down passwords: study > http://today.reuters.com/news/articlenews.aspx?type=technologyNews&storyID=2006-10-17T205533Z_01_N17230049_RTRUKOC_0_US-LIFE-PASSWORDS.xml&WTmodLoc=TechNewsHome_C1_%5bFeed%5d-9 > Hmm, I generally tout myself as a security guy, but I have to admit, even I do that sometimes. Generally, when I'm given a password for a remote system that is something like "7QbbBr2CqqS", I'll write the password, all by itself, on a yellow sticky note and stick it to my monitor for a week or two, until I feel like I've memorized it well enough to toss (fine, eat) the note. I think one of the major issues is: stupid passwords. I've spent time at places that have completely asinine password policies (must be 8 characters or longer, letters and numbers and at least 2 symbols, no spaces, no 2 characters within every 4 characters can be the same, etc. etc. etc.). Worse yet, the users are GIVEN a password that looks like somebody sat on a keyboard, and is expected to memorize it. I think that we really have to make a request of password-based software: - - Allow spaces - - No maximum length - - Encourage a pass phrase
You are right, AS400 has a ways to go before they get to the level of MS where password complexity is concerned:-) -JP -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 1 in 3 workers write down passwords Dude VanWinkle (Oct 17)
- RE: 1 in 3 workers write down passwords Richard M. Smith (Oct 17)
- RE: 1 in 3 workers write down passwords Drsolly (Oct 17)
- RE: 1 in 3 workers write down passwords Richard M. Smith (Oct 17)
- RE: 1 in 3 workers write down passwords Drsolly (Oct 17)
- Re: 1 in 3 workers write down passwords Drsolly (Oct 17)
- Re: 1 in 3 workers write down passwords Dude VanWinkle (Oct 17)
- Re: 1 in 3 workers write down passwords Ron (Oct 17)
- Re: 1 in 3 workers write down passwords Dude VanWinkle (Oct 17)
- Re: 1 in 3 workers write down passwords coderman (Oct 18)
- Re: 1 in 3 workers write down passwords Dude VanWinkle (Oct 18)
- Re: 1 in 3 workers write down passwords coderman (Oct 18)
- RE: 1 in 3 workers write down passwords Richard M. Smith (Oct 17)
- <Possible follow-ups>
- RE: 1 in 3 workers write down passwords Toralv_Dirro (Oct 18)
- Re: 1 in 3 workers write down passwords Fergie (Oct 18)
- Re: 1 in 3 workers write down passwords coderman (Oct 18)
- Re: 1 in 3 workers write down passwords Brian Loe (Oct 18)
- Re: 1 in 3 workers write down passwords coderman (Oct 18)