[clug] [OT] all text passwords == secure?

Sam Couter sam at couter.id.au
Sun Aug 26 16:19:00 MDT 2012


Scott Ferguson <scott.ferguson.clug at gmail.com> wrote:
> A common point of view, and a too common problem. I'd bet you're a
> public servant

I am.

> people tend to do the same things. Most public servants used a word for
> a password (my experience)

I do not and have not since I was a naive teenager twenty years ago.
I have in the past been part of an admin team that ran a password
cracker over our own users' hashed passwords. We notified people with
bad passwords but there was no management support for forcing change. In
any case, my work password is reasonably secure and is not weak in
comparison with the other security practices in use.

> And it's not like they all got together and workshopped it - it's just
> human nature (expend no more energy than absolutely necessary -
> thermodynamics law no#2).

Exactly. Fighting against that is a losing battle. The answers lie
elsewhere.
-- 
Sam Couter         |  mailto:sam at couter.id.au
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C