Unixronin

Tuesday, October 2nd, 2007 06:02 pm

Today's User Friendly strip makes a security point I've commented on myself many a time:  If you make your password policy demanding enough, you can force all of your users to write their passwords down, and the odds are at least some of them will leave their password notes where they can be seen and/or found by someone who shouldn't have them.  At which point your carefully crafted password policy, proof against any but the most massive distributed brute-force attack, becomes vulnerable to the pizza boy who happens to glance at the receptionist's desk while chatting her up on his way through the front lobby.

Tuesday, October 2nd, 2007 11:48 pm (UTC)
When I was an IT professional, that always just bugged me no end. I don't mind tougher security for those coming in through the firewall, but for those inside, give it a break.

The other option is to assign passwords from a random character generator. That is what happened when I worked for the government. Getting a password replaced was a significant problem, but it worked. Every six weeks, we got an email notifying us of the change.
Wednesday, October 3rd, 2007 12:01 am (UTC)
At Cardima, I actually put together a little class on how to pick a strong-enough password that you can still remember. No single words, no information that can be trivially looked up about you, create something out of multiple elements that are individually meaningful to you but not to anyone else (and that wouldn't be obvious to someone else as things that would be meaningful to you). Maybe the first name of the girl you had a secret crush on in eleventh grade and never told anyone, and the place a character from your favorite book was born, separated by the first half of the license plate of the car your uncle crashed into a moose last Thanksgiving.
Wednesday, October 3rd, 2007 07:02 am (UTC)
I used to do things like the second letter of my children's middle names, in reverse order or height (or weight) which was not the same as age. You can do many things that enable you to remember a strong enough password. It just takes effort.