nanog mailing list archives
Re: Dear Linkedin,
From: Hal Murray <hmurray () megapathdsl net>
Date: Fri, 08 Jun 2012 15:33:29 -0700
I have accounts at probably 100's of sites. Am I to understand that I am supposed to remember each one of them and dutifully update them every month or two?
Yes; of course if most of those accounts are moribund and unused then you don't need to change them so often, but the passwords you use frequently should be changed at regular intervals.
It's pretty commonsensical once the threat is understood.
Does anybody have a good URL explaining that idea? It's been kicking around for many years. I've never seen a convincing writeup. Does your bank request/require that you change the PIN on your ATM card every few months? Security is a tradeoff. I think there are two cases for passwords. I'll call them important and junk. I'm willing to store the junk ones in a file or piece of paper that I'm careful with. I have to memorize the important ones. I'm only smart enough to memorize a few good passwords. If I change them every few months, they will be less good, or fewer of them. -- These are my opinions. I hate spam.
Current thread:
- Re: Dear Linkedin,, (continued)
- Re: Dear Linkedin, Paul Graydon (Jun 08)
- Re: Dear Linkedin, elijah wright (Jun 09)
- Re: Dear Linkedin, joseph . snyder (Jun 09)
- Re: Dear Linkedin, Scott Howard (Jun 09)
- Re: Dear Linkedin, Jimmy Hess (Jun 09)
- Re: Dear Linkedin, Derrick H. (Jun 08)
- EBAY and AMAZON Brandt, Ralph (Jun 11)
- Re: EBAY and AMAZON Henry Yen (Jun 11)
- Re: EBAY and AMAZON Jo Rhett (Jun 11)
- Re: Dear Linkedin, Alec Muffett (Jun 08)
- Re: Dear Linkedin, Joel jaeggli (Jun 10)
- RE: Dear Linkedin, John Souvestre (Jun 10)
- Re: Dear Linkedin, Joel jaeggli (Jun 10)
- Re: Dear Linkedin, valdis . kletnieks (Jun 10)
- Re: Dear Linkedin, Mike Hale (Jun 08)
- Re: Dear Linkedin, Barry Shein (Jun 09)