ehowton: (Default)
ehowton ([personal profile] ehowton) wrote2008-10-24 02:00 pm
  • Add Memory
  • Share This Entry
  • Current Location: 75070
  • Current Music: Goldsmith - The Boys from Brazil
Entry tags:

Scatophagous


With password complexity and re-use rules spiraling wildly out of control from scatophagic companies trying to counter elusive security threats with non-specific blanket policies (War on Terror anyone?) the employees are being held hostage though managerial hysteria.

While its true that the best policy is password strength, forcing users to be unable to use the same password across multiple accounts (though in and of itself, also a good policy by minimizing the number of systems which could be accessed through a compromised password) through lengthy password recycle times and short aging policies, security actually becomes weakened because users are now starting to write them down. And not just average users - but professional IT staff as well! No one has as many systems which need to be accessed as we do - we hold the keys to the kingdom, and forcing us to write them down (albeit usually in some form of lightly encrypted means) seems to me a greater breach of security.


MINALPHA=1
MINDIFF=5
MINDIGIT=3
MINSPECIAL=2
MINUPPER=2
MINLOWER=2
MAXREPEATS=0
WHITESPACE=YES
NAMECHECK=YES
DICTIONDBDIR=/var/passwd
DICTIONLIST=/usr/share/lib/dict/words
MINWEEKS=1
MAXWEEKS=2
PASSLENGTH=256

Flat | Top-Level Comments Only

[identity profile] galinda822.livejournal.com 2008-10-24 07:11 pm (UTC)(link)
I have forgotten my 6 passwords at least 3 times in the past month. And you know I always use different variations of the same one. So even with that, the requirements have gotten me all friggin confused. Everytime I forget, I just call into the help desk.
I'm sure I'll forget them by Monday again! :)

[identity profile] ehowton.livejournal.com 2008-10-24 07:38 pm (UTC)(link)
Those poor bastards, having to schlep password changes due to assinine scatophagerial policy. We've all been been impacted in one way or another.

[identity profile] melancthe.livejournal.com 2008-10-24 07:58 pm (UTC)(link)
Your post is, er, scattered with the intensity of your annoyance, especially with the scatophagids in management and their coprophagous ways.

[identity profile] ehowton.livejournal.com 2008-10-24 08:06 pm (UTC)(link)
I think it shows a certain dung of manurity that I was able to maintain such levelheadedness in describing the nature of my ire.

[identity profile] melancthe.livejournal.com 2008-10-24 08:14 pm (UTC)(link)
It did indeed. A good display of wiping the other cheek, as it were, as you try to remember your second, and maybe even your turd password.

[identity profile] ehowton.livejournal.com 2008-10-24 09:55 pm (UTC)(link)
That's just a bunch of shit.

[identity profile] hiro-antagonist.livejournal.com 2008-10-25 08:32 am (UTC)(link)
The whole 'passwords' thing has to change. Pass phrases seem to be one good solution, but I fear they'll never be adopted by the public at large :(

Memorable, unique and secure, pick two.

Authenticate against your challenge on my mark:

[identity profile] ehowton.livejournal.com 2008-10-25 02:34 pm (UTC)(link)
Excellent idea! And since a large portion of today's security measures are initiated by the porn industry, its they who need to first adopt it. After that, everything will happen rather quickly.
Flat | Top-Level Comments Only