North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: User negligence?

  • From: David Lesher
  • Date: Sun Jul 27 10:23:42 2003

Speaking on Deep Background, the Press Secretary whispered:
> 
> 
> So, I end up having to do something INSECURE to remember the stupid 
> password.  Either I have to create an insecure and "easy to remember" 
> password, or I have to write it down somehow.  Now we are back to the root 
> problem, that the user's computer/user's password is now "insecure" and it 
> "isn't the bank's fault" when the user's password is discovered and used 
> without the user's permission.  Well, that's BS.  The bank created a policy 
> that can not be securely followed!  There is more to maintaining a secure 
> password than changing it frequently.  The policy has to be on that can be 
> effectively followed by most people!


Strip <http://www.zetetic.net/index.html> is your helper here.


-- 
A host is a host from coast to [email protected]
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433