[clug] [OT] all text passwords == secure?
sam at couter.id.au
Tue Aug 28 08:29:20 MDT 2012
Scott Ferguson <scott.ferguson.clug at gmail.com> wrote:
> Which is *not* a reason to change the policy - it's the reason why
> people should examine the cause of all those 'professionals' being
> unable to manage the most basic elements of their "profession" - access.
There are many reasons, including that IT recommends password creation
strategies that make passwords difficult to remember, which is the whole
point of this discussion. Remember, we're talking about people who don't
know anything about security, don't care, and probably shouldn't have to
care. It's not their profession, it's not what they do to make money for
an organisation, it just gets in the way. If IT make the right
recommendations and are proactive about checking password strength
instead of using outdated password strength policies, the users really
don't need to care.
Sam Couter | mailto:sam at couter.id.au
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
More information about the linux