Passwords...AAAARRRGGGHHH!!!!
- Thread starter farmkid
- Start date
Robert Maxwell,
If has to be audited and documented, wouldn't that mean the government would have the ability to hack every company's records?
If has to be audited and documented, wouldn't that mean the government would have the ability to hack every company's records?
When I was in the military we had to have passwords that, iirc, were 16 characters, 1 symbol, one number, one upper, and one lower. It wasn't all that hard for me, but I could understand how it could be a pain. For me, my friends and I were all nerds growing up, so I pretty much just too my name, or a place, or anything really and changed it to l337 text. It worked, but it got annoying to have to change it all the time.
Yeah, it's easy enough if you only have a few passwords to remember. But, in today's world, with multiple email accounts, workplace network security, online banking, e-commerce sites, media sites requiring login, BBSs, etc. it's easy to have dozens of passwords to remember. Sure, you can have a few passwords that you use many places, but then you have to remember which ones you used for each thing. Digital security becomes quite a nuisance.
sometimes wonder why PKI and smartcard or biometric readers aren't becoming more wide spread rather than putting users through the wringer of having to use complex passwords and change them every so often.
Biometrics actually aren't so good, really. If you need a family member or someone else you trust to access an account for you for some reason, are you supposed to give them your thumb? If your thumbprint becomes "compromised" nothing you used it for will ever be secured again. And if you should lose your thumb in an accident, you've lost access to anything secured by it.
My laptop can use facial recognition to log me in via its webcam. Which is a nifty gimmick, but a) by the time it recognizes me I can type in my password several times, and b) I don't trust it to either mistakenly identify someone else as me, or fail to recognize me for some reason.
a) even with biometrics you can still use a username/password
b) I'm not talking about for home users - I'm talking about business/office/government/secure environments.
again no.
in both cases you admins can make the changes - which is a lot easier than continually have to reset passwords because a user has forgotten their password general make the necessary changes - for a single user.
which is nothing compared to having change it for dozens or hundreds of users.
And I'll also remind you that biometric isn't just finger print -as pointed out facial recogniition can be used and other methods are coming along.
And it's only one option - the other is to use smart cards which where you combine the card with the a pin code so you can't use one without the other.
We have to change our password every 45 days (though the prompt starts appearing at 30 days). We have to use 8+ characters, one upper-case, one number. No symbol (though I do). Can't use the same password twice in one year. (Yes, it remembers for a length of time, not a number of passwords.) Because we use certain software, the password can't be more than 10 characters long, as the software can't handle it and uses our Windows IDs to log us in.
I work for the Civil Service, in case you hadn't guessed.
I work for the Civil Service, in case you hadn't guessed.
actually the passwords are remembered for as long as the admistrator set themWe have to change our password every 45 days (though the prompt starts appearing at 30 days). We have to use 8+ characters, one upper-case, one number. No symbol (though I do). Can't use the same password twice in one year. (Yes, it remembers for a length of time, not a number of passwords.) Because we use certain software, the password can't be more than 10 characters long, as the software can't handle it and uses our Windows IDs to log us in.
I work for the Civil Service, in case you hadn't guessed.
In a windows domain you set it so that it remembes upto the last 24 passwords which on a 90 day cycle means it would be 6 years before you could re-use a password and you can set a minimum length of up to 14 characters.
can anyone say BOFH
