[59945] in North American Network Operators' Group
Re: User negligence?
daemon@ATHENA.MIT.EDU (David Lesher)
Sun Jul 27 10:22:25 2003
From: David Lesher <wb8foz@nrk.com>
To: nanog@merit.edu (nanog list)
Date: Sun, 27 Jul 2003 10:21:00 -0400 (EDT)
In-Reply-To: <6.0.0.10.0.20030727064929.036984d8@127.0.0.1> from "JC Dill" at Jul 27, 2003 07:15:36 AM
Reply-To: wb8foz@nrk.com
Errors-To: owner-nanog-outgoing@merit.edu
Speaking on Deep Background, the Press Secretary whispered:
>
>
> So, I end up having to do something INSECURE to remember the stupid
> password. Either I have to create an insecure and "easy to remember"
> password, or I have to write it down somehow. Now we are back to the root
> problem, that the user's computer/user's password is now "insecure" and it
> "isn't the bank's fault" when the user's password is discovered and used
> without the user's permission. Well, that's BS. The bank created a policy
> that can not be securely followed! There is more to maintaining a secure
> password than changing it frequently. The policy has to be on that can be
> effectively followed by most people!
Strip <http://www.zetetic.net/index.html> is your helper here.
--
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
