Forgot your password?
typodupeerror
Security IT

Please Do Not Change Your Password 497

Posted by CmdrTaco
from the my-password-is-trustno1 dept.
cxbrx writes "Mark Pothier's Boston Globe article, 'Please do not change your password,' covers a paper by Microsoft Researcher Cormac Herley, 'So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users,' from the 2009 New Security Paradigms Workshop. Herley argues 'that user's rejection of the security advice they receive is entirely rational from an economic perspective.' Herley discusses 'password rules,' 'teaching users to recognize phishing sites by reading URLs,' and 'certificate errors.' Users obviously choose bad passwords, but does password aging actually help? There was some discussion on TechRepublic. I'm especially interested in hearing about studies about password aging."
This discussion has been archived. No new comments can be posted.

Please Do Not Change Your Password

Comments Filter:

A freelance is one who gets paid by the word -- per piece or perhaps. -- Robert Benchley

Working...