Password Security Panned 387
museumpeace writes "Considering we just discussed passwords yesterday, it is an uncanny coincidence that Technology Review runs an article today in which
Michael Schrage quotes a couple of security experts as being of the opinion that passwords are useless, with many negatives [the tougher rules only make them harder for users to remember, not harder for hackers to guess]. But Schrage's suggestion that passwords are a weak bandage where system security admins and developers need to institute deeper security mechanisms such as "suspicion engines" has problems too. Any hidden filter meant to compare traffic on your account against a profile of "normal" usage strikes me as both an invasion of privacy and a surefire way to multiply calls to the help desks when a false alarm tosses out a legitimate user."
my password (Score:5, Funny)
Re:my password (Score:3, Funny)
Re:my password (Score:4, Funny)
Re:RFID keys for cars, why not PCs? (Score:3, Informative)
Might not be useful to you (Score:5, Interesting)
USB - gpg key? (Score:4, Interesting)
Or something similar. I'm looking to get rid of passwords altogether on my systems with something that's tested to work.
Any ideas if something like this works at all or anything like it that might be of some use?
Re:Might not be useful to you (Score:5, Funny)
Don't you mean "down"?
1-2-3-4-5 (Score:2, Funny)
Re:1-2-3-4-5 (Score:2)
can you elaborate? (Score:2)
I don't understand this. Can someone elaborate please?
Re:can you elaborate? (Score:2, Insightful)
Not that I think it's a good idea, just that I don't think it has anything to do with privacy.
Re:can you elaborate? (Score:2, Insightful)
Re:can you elaborate? (Score:5, Interesting)
So, if you habitually browse armadillo porn, the system will know about it. And if you go a day *without* browsing armadillo porn, the system will think something's up and lock you out.
But do you really want the system to record the fact that you browse armadillo porn?
Re:can you elaborate? (Score:3, Funny)
I don't mind that, I just don't want it to know I read /.
Re:can you elaborate? (Score:5, Funny)
But do you really want the system to record the fact that you browse armadillo porn?
More importantly do you want to feel compelled to compulsively look at armadillo porn daily out of fear that if you don't it'll raise a red flag and you'll be "caught with your pants down"
That's a funny phrase to use here considering that you're getting caught for NOT looking at porn...
Re:can you elaborate? (Score:2)
But do you really want the system to record the fact that you browse armadillo porn?
Why -- do you know where I can score some?
Re:can you elaborate? (Score:4, Insightful)
And if your system's security is ever compromised, then the *attacker* will know about it, too. This would result in two things:
Re:can you elaborate? (Score:2)
Re:can you elaborate? (Score:5, Insightful)
This statement sounds very tinfoil hattish to me. There are many people who believe that a computer creating any sort of trace log is a violation of privacy. Personally, I find it good practice to record information about computer usage. For example, I usually record the incoming IP address of everyone who logs into a system. When dealing with critical information such as financial records or personnel files, I will keep a robust history of everyone who accessed a given record.
In one case, I designed a program for a call center. The call center would allow customer service agents access to a customer's credit card number. I recorded every time a customer service rep accessed a card number along with information on the call they were handling. The computer would report any abnormal behavior in the credit card number access to a supervisor.
Often the best way to improve your security is simply to provide your auditing information to your end users. For example, let's say I see a change in the behavior of a user, such as logging in from a different IP. I might make a program that informs the end user of this event. For example, if a person who usually logs in from Albany logs in from Kuala Lumpur, then I inform them of the event. If they cannot remember traveling abroad recently, the change in behaviour just might be a security breach, requiring further investigation.
Imagine if your work computer reported the time from your last log in each time you accessed the system. So, you come in Monday morning and the system warns that you logged in during the weekend. Most workers would take something like this seriously as it implies someone was stealing their identity. Tin foil hatters would be livid that the system recorded the activities of the person who stole their identity.
Surely... (Score:5, Insightful)
Seems to me that's the main point of a password. They may not be the end-all of security, but they sure make a decent first line of defense.
Re:Surely... (Score:5, Interesting)
I have a few great passwords
- must not start with a number
- must have both letters and numbers (symbols don't count)
- can only be [a-z][A-Z][0-9]
I would love to meet the asshats that come up with these randomly applied "rules" just so I could kick them squarely in the nuts.
I used to only need two passwords for EVERYTHING (one "weak" password for discussion sites (eg - Slashdot) and one "strong" password for the important stuff). Alas, that was too easy. Now I have to maintain around 10 passwords that, IMNSHO, are far weaker than the ones they replaced (not by my choice).
For example, one large credit card company recently changed its password policy. Since my old password didn't "fit" in their new policy, they simply set it to something else without telling me. Mind you, the new password I had to choose is orders of magnitude easier to crack than the old password because they removed a number of possible characters.
Which brings up a point, what's the point in LIMITING the characters that can be used in passwords? How horrible are these designers that their apps choke on '&Dkf*l,@a', but 'b4dp4ass' is OK? What could they be doing that would disallow a number as the first character?
In close, if you have anything to do with the authentication process of a website, before you start throwing on random rules for passwords, do us all a favor and DON'T.
- Tony
I know!!! (Score:3, Insightful)
$making $all $passwords $into $perl $variables??
Re:Surely... (Score:4, Informative)
Allow in ' and some others, and you're inviting SQL injection attacks. Allow in left angle bracket and some others, and you're inviting cross-site scripting.
No sane person would worry about cross-site scripting in a password entry field, but nonetheless web developers have the reflex of limiting incoming characters to a supposedly safe set.
Re:Surely... (Score:3, Informative)
My favorite is when the password contains an '@' sign and they use it to log onto a site in internet explorer. Hilarity ensues.
Re:Surely... (Score:4, Informative)
I don't work in security of any sort, and I agree with you that more characters means better security. My immediate guess is that although it may make the password more crackable from one perspective, having fewer characters to worry about would make it safer to run the password through many API's.
Many string-related functions will do unexpected things with some special characters, and unless you know everything that it might do with every character, and all the ways that people might abuse this, it can be risky to assume that they've all been caught. In an ideal world, the programmer would know them all and know exactly what's happening to the password when it's processed, but I still know lots of great programmers who wouldn't be aware of several gotchas in the printf() family of functions, for instance, that might be abused by crackers in one way or another.
Especially if some software was being coded in a group and everyone had to understand it, I'd sympathise with coders or managers who'd prefer to go with a password system they understood rather than gamble they knew more about their libraries than potential crackers.
Sounds like a great idea. (Score:5, Interesting)
Those keys were starting to be a bother in my pocket.
Of course passwords and keys can be bypassed, just as a locked door can be. But it's the fact that there's a locked door there that keeps a good percentage of casual villains out of your life.
Re:Sounds like a great idea. (Score:2)
Re:Sounds like a great idea. (Score:2)
Of course passwords and keys can be bypassed, just as a locked door can be. But it's the fact that there's a locked door there that keeps a good percentage of casual villains out of your life.
Yeah but part of the point here is that people who implement password systems are making them increasingly difficult for users to use (eg. Sorry, your password must contain at least 10 letters, some of which must be letters, some special symbols, some numbers). That's a lot harder to use/manage than a key, especia
Re:Sounds like a great idea. (Score:2)
The simple solution to that is to just use the same password everywhere :)
Re:Sounds like a great idea. (Score:2)
Sorry, your password must contain at least 10 letters, some of which must be letters, some special symbols, some numbers).
It's not so hard:
Re:Sounds like a great idea. (Score:5, Interesting)
Red flags do not trigger an immediate lockdown. They just suggest to an administrator that someone may be behaving in a way that you wouldn't, and that further investigation may be warranted.
IDSes are a great way to supplement the absolute uselessness of passwords, as long as administrators know how to use them effectively.
Password alternative (Score:5, Interesting)
Re: (Score:2)
Re:Password alternative (Score:2)
But here's where it goes wrong: if all services use the same key, then one being compromised can lead to all being compromised. Additionally, if you use a different key for each, well I've got enough crap on my keychain than you!
Re:Password alternative (Score:2)
It's fairly trivial for a website to offer a public key that can be used to create a unique login key for every site you visit, based on your own secret key.
You might still feed salt that is used in combination with the key that is stored on your USB device (or software), so even if somebody manages to steal your physical key, they won't be able to log in to your accounts without first cracking your password.
The scheme would simplify logins (login once, and you're automatically authenticated everywhere
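The per-site key scheme sketched in this post (a secret stored on the device, the password mixed in as "salt", and a different login key derived for every site from that site's public key), as an added example that is not code from the commenter. The device secret, the site public keys and the challenge-response step are assumptions; the challenge-response goes one step beyond the post so that the derived site key never has to be sent over the wire.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # stretches the password: a stolen device still costs one slow derivation per guess


def master_key(device_secret: bytes, password: str) -> bytes:
    """Mix the secret stored on the USB device with the user's password (the post's "salt").
    Neither the device alone nor the password alone yields the master key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), device_secret, PBKDF2_ROUNDS)


def site_login_key(device_secret: bytes, password: str, site_public_key: bytes) -> bytes:
    """Derive a login key unique to one site by keying an HMAC with the master key and
    using the site's public key as context. HMAC is one-way, so a site that holds its own
    key (or a breach of that site) reveals nothing about the keys used elsewhere."""
    return hmac.new(master_key(device_secret, password),
                    b"login-key:" + site_public_key, hashlib.sha256).digest()


def client_response(site_key: bytes, nonce: bytes) -> bytes:
    """Prove possession of the site key without transmitting it."""
    return hmac.new(site_key, nonce, hashlib.sha256).digest()


class Site:
    """Hypothetical relying site: publishes a public key and stores each user's derived login key."""

    def __init__(self, public_key: bytes):
        self.public_key = public_key
        self.enrolled = {}

    def enroll(self, username: str, site_key: bytes) -> None:
        self.enrolled[username] = site_key

    def challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def verify(self, username: str, nonce: bytes, response: bytes) -> bool:
        stored = self.enrolled.get(username)
        if stored is None:
            return False
        return hmac.compare_digest(client_response(stored, nonce), response)


def login(site: Site, username: str, device_secret: bytes, password: str) -> bool:
    """Full exchange: client derives the site key, answers the site's nonce, site checks it."""
    nonce = site.challenge()
    key = site_login_key(device_secret, password, site.public_key)
    return site.verify(username, nonce, client_response(key, nonce))


# Constructed values (not from the page): a device secret and two sites' "public keys".
DEVICE_SECRET = b"constructed-device-secret-0123456789"
BANK = Site(public_key=b"constructed-bank-public-key")
SHOP = Site(public_key=b"constructed-shop-public-key")


def demo() -> dict:
    """Enroll one user at two sites and show what a lost device or a lost password buys."""
    password = "correct horse"
    bank_key = site_login_key(DEVICE_SECRET, password, BANK.public_key)
    shop_key = site_login_key(DEVICE_SECRET, password, SHOP.public_key)
    BANK.enroll("alice", bank_key)
    SHOP.enroll("alice", shop_key)
    return {
        "keys_differ_per_site": bank_key != shop_key,
        "bank_login_ok": login(BANK, "alice", DEVICE_SECRET, password),
        "shop_login_ok": login(SHOP, "alice", DEVICE_SECRET, password),
        "stolen_device_wrong_password": login(BANK, "alice", DEVICE_SECRET, "guess"),
        "right_password_wrong_device": login(BANK, "alice", b"other-device", password),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```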
Re:Password alternative (Score:2)
Re:Password alternative (Score:5, Insightful)
Re:Password alternative (Score:2)
If you withdraw lots of cash in London and 20 minutes later you are using a cash machine in Lima your account will likely be locked immediately. Not that this compares to suspicious behavior in the computer world (because distance doesn't matter there), but I guess it's the same approach.
Comparing Traffic requires Activity (Score:4, Insightful)
Re:Comparing Traffic requires Activity (Score:3, Insightful)
Re:Comparing Traffic requires Activity (Score:2)
Re:Comparing Traffic requires Activity (Score:2)
It seems you would need multiple inconsistencies before you could make the call. That's why I mention that they will have time to run around doing malicious mischief.
Re:Comparing Traffic requires Activity (Score:2)
Password Lockout (Score:3, Interesting)
In other words, people get locked out by stupidity. Something that looks for abnormal behavior would be great, esp when people have idiotic passwords, and suddenly a methodical password attempt to login occurs.
Re:Password Lockout (Score:2)
That's true, but I'm not sure you realize whose stupidity.
Re:Password Lockout (Score:2)
Things to make this scheme more interesting:
- backup of encrypted databases possible
- protect main password by 2 man action of sysadmins
- use of strong password generator within same application
If you are worried about bad logins to a central authentication point (e.g.
Re:Password Lockout (Score:2)
OPIE nee S/Key (Score:2, Informative)
Most free Unix systems ship with SHA-1 capable S/Key support included.
He's right. (Score:5, Interesting)
In the future, we'll have smart cards that will act like our Social Security numbers/national IDs work today. Cash, credit, verification and signing will all be possible using one card or perhaps even an embedded chip, and we can once and for all eliminate this nonsense about having to remember a different password for each service or the concern about identity theft.
Re:He's right. (Score:4, Interesting)
I had heard of a password mechanism once that was based on facial recognition which seemed interesting. You chose a sequence of faces, and the computer asks you to choose a face from a selection. It sounded interesting. If anyone knows where the article is, I'd like to re-read on that topic.
Re:He's right. (Score:3, Interesting)
Not really. You will _always_ have a stage where the stuff is not encoded. If you can get my bioinformatic data once, I'm totally screwed, because I can't change my password to something else. My security will be forever broken.
Think about the current issues
Re:He's right. (Score:4, Funny)
Re: your sig. Dr. Spock was a famous pediatrician. Mr. Spock is from Star Trek. Also note that it wasn't he that said the line in your quote, I'm pretty sure it was Yoda from Star Wars. You've managed to bastardize my childhood worse than George Lucas and Rick Berman now, thankyouverymuch.
Re:He's right. (Score:2, Interesting)
Revelation 13:16-18, "And he causes all, both great and small, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads: And no man might buy or sell, save he that had the mark."
Re:He's right. (Score:2)
No password length can match a biometric
Sigh. How often do people have to explain this. A biometric makes a poor key. Biometrics are not changeable. Any key that cannot be changed easily is flawed.
If biometrics catch on security will go all to hell. One compromise and it's all over.
Re:He's right. (Score:2)
Re:He's right. (Score:4, Insightful)
Use something you have and something you know.
Changeable keys are better than unchangeable. If I break up with my girlfriend, I can change the locks to my house. If I think an online site may actually have been a Russian mob front, I can change the password on all my other sites. If my fingerprints get lifted from a glass at the bar, I'm fucked forever. Biometrics are a bad idea. If my fingerprints, or DNA, or retina scan are put in one database that is hacked, and we rely upon those biometrics, I'm fucked forever.
Biometrics are easy to use, but unreliable. If they come into common use, they will be relied upon. This will introduce a false sense of security. It's sort of like having a doorman at your building who will look the other way for $5. You feel more secure. Maybe you don't bother to lock your door inside. Then you wake up dead.
One last thing. If some car jacker wants my car, they can jump me in the parking lot and take my keys. They need no real knowledge. They don't even need to know how to hotwire a car. If my car had a biometric key, they could still jump me and take it. I'd just be missing a body part. No thanks.
Your... what? (Score:5, Funny)
No password length can match a biometric, especially mine.
Help me out, are you dissing the security of your own password, or are you bragging about the size of your biometric?
Re:He's right. (Score:5, Insightful)
What do you do when you realize that even one of them has been breached? How do you change your security settings to lock out the intruder from the vulnerable resources while allowing you to retain access?
Biometrics (Score:2)
First, Internet accounts need to have unlimited character lengths for passwords. For example, I believe Hotmail only allows 16 characters.
Second, once we have unlimited character lengths for passwords, we then could store biometrically generated passwords easily.
Biometrics in required situations, create problems. One, there is a privacy concern regarding biometrics, especially with the government. But more importantly, it creates the problem of what happens when someo
Passwords are a treatment, not a cure. (Score:2, Interesting)
Passwords are less about keeping people out and more about making people accountable.
Also useless for accountability (Score:2)
Re:Also useless for accountability (Score:2)
I am unimpressed. (Score:2)
The user will always be in the security chain. Ergo, no security chain can be made stronger than the user; ergo, having the user be the weakest link is a good thing. The key question is what aspect of the user is the weakness predicated on-- their memory? Their gullibility? The un
Invasion of privacy? (Score:2)
While I value my rights to privacy as much as the next person, how is this an invasion of privacy? If I am browsing a site, and it thinks I am a fraudulent user, and it makes me perform something to validate myself, how is that an invasion of privacy?
Seriously, are you
Re:Invasion of privacy? (Score:2)
Seriously, are you afraid Amazon's tracking of your browsing habits is wrong? Should they not do that? I mean, you're willing to hand out your credit card to them, but please, don't let them track you!
Perhaps you should have a look at this recent story [slashdot.org] about a man who was wrongly charged with attempted arson based on his grocery purchases, tracked via his club card. Being tracked is one thing, but having a third-party piece together a context given the data can be alarming.
So... (Score:5, Insightful)
Passwords are good security because, if chosen well, they're fairly hard to crack, and fairly simple for legitimate users to use. Other forms of security tend to either be too easy to crack, or so cumbersome that legitimate users find ways around them rather than deal with the hassle.
Passwords are also superior to things such as biometric scanning on things like Internet sites, because they place a limit on how much trust you have on that site. Unlike biometrics, passwords can be easily changed if, say, you use the same password on multiple sites but find out that one of them has been using peoples' passwords to crack into their accounts on other sites.
These days, if you have a well chosen password, you're far more likely to get cracked because of some other undetected vulnerability in your system rather than someone guessing your password.
Re:So... (Score:5, Insightful)
Seems to me that there's a different difference that makes passwords worthwhile. See, there are three sorts of security measures (everything I can think of fits into one of these): Measure something the user has (like a keycard), measure something the user is (biometrics), or measure something the user knows (like passwords).
Something the user has can be stolen. With measuring something the user is, there's something like the risk of "being stolen". If it's a fingerprint scanner, someone could take your fingerprint from an object you've touched without your knowledge. If you use facial recognition, well, your face is out in the open for everyone to see all day long-- couldn't someone somehow capture that image and re-display it? I know, they are improving the detail and complexities of the scanners all the time, but for however much they improve the resolution of the scanners, they just need to have a "camera" with enough detail to fool it. More complex scanning methods only mean you need more complex display/replay methods to fool them.
However, when it comes to measuring something the user knows, with current technology, there isn't a good way to "capture" that without my knowledge. At least not as long as I'm wearing my tinfoil hat.
Information wants to be free (Score:5, Funny)
But I wrote down all of my passwords... (Score:4, Interesting)
I couldn't believe my eyes...
Then some of my other users have started using "asdfg" and "qwerty" because I make them change it too often (every 90 days). I guess that's a little better than using their last name.
I agree that passwords ARE useless.
Re:But I wrote down all of my passwords... (Score:2)
Lastly, in bad handwriting so a G and 6 can be confused, write a false password on a post-it note and place under the keyboard.
Re:But I wrote down all of my passwords... (Score:3)
No kidding they have to use simple passwords. Making them change password every three months does not improve security at all. If it gets hacked, you'd know it immediately - so why make people change every 3 months?
The key is to make everyone come up with a secure password they get to keep.
Re:But I wrote down all of my passwords... (Score:2)
Let me be unconventional and argue that the problem there was that the drawer was unlocked.
I did a risk analysis/threat modeling exercise on writing down passwords and translated it into Aunt Tillie language once for my free newsletter. Everyone says never to write down passwords, but they're just repeating what they heard themselves.
Physical keys (Score:5, Insightful)
Re:Physical keys (Score:2)
Now, if Microsoft were to decree that hardware vendors had to include a smartcard reader in order to get a Windows license, we might see some standardization.
Re:Physical keys (Score:2)
An ISS (Score:2)
But think about it. How often do your usage patterns change? I might be an atypical user, but my network packets don't keep the same pattern for now; I have a meta pattern that shifts every new project. This week I've been exchanging a lot of packets with our file server, talking with source safe, access databases, and collaborative UML modelling.
Last week nearly all my packets were terminal services to the productio
Limitations. (Score:2)
"Please enter your new password"
- {snigger} "PENIS" [OK]
"Your password is too small."
- {cowers}
I think that sums up users and passwords...
Activity monitoring. (Score:2)
I believe the credit card companies use this type of technology. Why not see what their real usage yields in effectiveness?
Passwords are fine, the systems that are broken (Score:5, Insightful)
It would certainly be easy for any on-line system to recognize a dictionary attack and distinguish it from user error or just a user who had forgotten his password. For example, a large number such as 25-30 hits against a small dictionary of vastly different but common words or passwords, without ever coming close to the actual password, should certainly trigger recognition of an attempt to break into an account and take appropriate steps (perhaps imposing a delay on the account, perhaps locking out the offending IP address, perhaps locking the account until there was human action, or some other action appropriate to the particular circumstances).
Users should always be advised of any failed attempts to gain access to the account after a successful login, a feature that is lacking from most current systems.
Re:Passwords are fine, the systems that are broken (Score:3, Interesting)
What happens when an intruder gets hold of a company directory, tries each username in sequence, and makes *one* login attempt to each using the password "password"?
Re:Passwords are fine, the systems that are broken (Score:3, Insightful)
Hence why any locking mechanism should be per-IP address..
Another option is simply to not lock the account but instead have a 15 second delay or so between failed attempts. Given a secure password, this makes brute force useless. That's only 240 attempts/hour. Suppose you use random case sensitive alphanumerics with a length of only 6. That would be 62^6 = 56,800,235,584 possibilities. Nice
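Detection logic for the points raised in this thread, run over a constructed authentication log: flag a source that hammers a small dictionary (the 25-30 hits above), flag a source that makes one guess against many usernames (the "password" against every directory entry case), count per-IP rather than per-account, show each user at login the failed attempts since their previous login, and, from the earlier Albany-to-Kuala-Lumpur post, tell the user when a successful login comes from a source they have never used. This is an added example, not code from any commenter; the log format, thresholds and IP addresses are assumptions, and the last function carries the 62^6-at-240-attempts-per-hour arithmetic through.

```python
from collections import defaultdict

# Constructed sample auth log (not from the page), one event per line:
# "<epoch seconds> <username> <source ip> <OK|FAIL>"
SAMPLE_LOG = """\
1000 alice 10.0.0.5 OK
1100 alice 203.0.113.9 FAIL
1101 alice 203.0.113.9 FAIL
1102 alice 203.0.113.9 FAIL
1200 bob 203.0.113.9 FAIL
1201 carol 203.0.113.9 FAIL
1202 dave 203.0.113.9 FAIL
1203 erin 203.0.113.9 FAIL
1300 bob 10.0.0.6 FAIL
1301 bob 10.0.0.6 OK
1500 alice 10.0.0.5 OK
1900 alice 198.51.100.7 OK
"""


def parse_log(text: str) -> list:
    """Turn the constructed log lines into event dicts."""
    events = []
    for line in text.splitlines():
        ts, user, ip, result = line.split()
        events.append({"ts": int(ts), "user": user, "ip": ip, "ok": result == "OK"})
    return events


def failures_per_ip(events: list) -> dict:
    """Failed attempts grouped by source address, the per-IP view the reply above argues for."""
    counts = defaultdict(int)
    for e in events:
        if not e["ok"]:
            counts[e["ip"]] += 1
    return dict(counts)


def flag_dictionary_sources(events: list, threshold: int = 5) -> set:
    """Sources that accumulate at least `threshold` failures: the dictionary-run pattern."""
    return {ip for ip, n in failures_per_ip(events).items() if n >= threshold}


def flag_spray_sources(events: list, min_users: int = 4) -> set:
    """Sources that fail against many distinct accounts: one guess per username.
    A per-account lockout never sees this; a per-source count does."""
    targeted = defaultdict(set)
    for e in events:
        if not e["ok"]:
            targeted[e["ip"]].add(e["user"])
    return {ip for ip, users in targeted.items() if len(users) >= min_users}


def login_reports(events: list) -> list:
    """What to show each user at a successful login: the previous login time, the number of
    failed attempts since then, and whether this source has never been used by them before.
    A user's very first login has no baseline and is not reported as a new source."""
    last_ok = {}
    failed_since = defaultdict(int)
    seen_ips = defaultdict(set)
    reports = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        user = e["user"]
        if not e["ok"]:
            failed_since[user] += 1
            continue
        reports.append({
            "user": user,
            "ts": e["ts"],
            "previous_login": last_ok.get(user),
            "failed_since_previous": failed_since[user],
            "new_source": bool(seen_ips[user]) and e["ip"] not in seen_ips[user],
        })
        last_ok[user] = e["ts"]
        failed_since[user] = 0
        seen_ips[user].add(e["ip"])
    return reports


def throttled_search_hours(charset: int, length: int, delay_seconds: float) -> float:
    """Hours to try every password of `length` characters from a `charset`-symbol alphabet
    when every failed attempt costs a fixed delay (15 s gives 240 attempts per hour)."""
    return charset ** length * delay_seconds / 3600


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("dictionary sources:", flag_dictionary_sources(evs))
    print("spray sources:", flag_spray_sources(evs))
    for report in login_reports(evs):
        print(report)
    print(f"62^6 at one attempt per 15 s: {throttled_search_hours(62, 6, 15):,.0f} hours")
```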
hardware problem (Score:4, Informative)
Somehow, the world's ATM banking systems have managed to get by with a bare minimum of fraud for more than 20 years by relying upon only four-digit codes. So what do the banking geeks grasp about password management?
While the article continues to say that simple passwords are good, it overlooks the other half of the equation: the ATM card. Without both, no access is granted which seems to be the strength of the ATM.
The prevalence of password only authentication seems to be a hardware problem. Everyone has a keyboard, but almost no one has (for instance) a securid token.
A USB dongle might be the easiest solution, although standardization is obviously a problem. Gawd knows I wouldn't want to have one USB dongle for yahoo, one for NYTimes, one for my bank, et al.
I can't tell you how many times (Score:2)
Or, how many passwords I've found on the backs of keyboards, or on post it notes stuck to the desktop or monitor.
Re:I can't tell you how many times (Score:2)
Poor comparison - Passwords to Bank Card Pins (Score:4, Insightful)
Sidebar
Factors are things you need to prove your identity and there are three types -
"what you know" - typically a password
"what you have" - typically a card, token, key fob, or digital certificate
"what you are" - typically biometrics
End Sidebar
The ATM example is 2-factor, which is inherently more secure than a password which is single factor
A far more secure approach would be to implement a two-factor authentication mechanism, however this increases cost and overhead (AOL is now offering this as an option - for a fee of course). Some other options are one-time password schemes where the password changes after each use, or graphical based passwords.
While in theory and practice passwords are not very secure, it must be pointed out that the other options are more expensive and more difficult to manage. Imagine having to carry 20-30 key fobs or a disk with a digital certificate everywhere you go.
"Experts" or salesmen? (Score:2)
Yes, I know. Silly me, it's not boring. It's New, Improved and with [Insert Trademark here]. Oh wow, you actually have a shipping product? Version 1.0? Nah, ProductX _is_ mature and the, eh, the flaws are read
Normal for who? (Score:2)
tin foil hat Taco? (Score:2)
Any hidden filter meant to compare traffic on your account against profile of "normal" usage strikes me as both an invasion of privacy and a sure fire way to multiply calls to the help desks when a false alarm tosses out a legitimate user.
You ever seen an Apache log file Taco? All the information's already there - all you have to do is parse it.
We're continually looking at ways to improve security without making the UI less intuitive (admin system for 300,000+ domain shared hosting accounts). We're cons
Suspicion Engine (Score:2)
Assumably, the suspicion engine compares normal patterns of activity with the current patterns. Now, there's two things about this that strike me as not too good... First, a pattern is a given set of occurrences in a span of time. That span of time has to be small enough to catch and stop harmful activity, but large enough to be useful. Second, "normal" varies fo
bullshit (Score:2)
The biggest problem with passwords is that companies don't use secure network communications, but that's a problem in general. If we made all TCP streams encrypted by default, then that problem would go away.
As for banks, their password and card security is usu
Privacy? (Score:2)
Huh? OK I can see some of the false alarms but invasion of privacy? Would you, as the owner of the machine using this technology, monitor yourself? And if someone else monitored you, such as the company you're working for, you have no granted rights to sai
Client Certificates, Pub/Private Keys (Score:2)
Web _servers_ have been using SSL certs since day one. They are commonplace for web users verifying the identity of a web server.
But they can also be used for identifying the identity of the web _user_.
If client certs were more widely used by users, and more widely supported by web sites (a catch-22 situation I guess) then we can bypass usernames/passwords completely if we wish. And rely on the client certificate for identification purposes.
Then I won't have to keep coming up with unique passwords
Hard to remember? (Score:3, Informative)
HSBC Implementation (Score:3, Insightful)
On their phone system they ask for your account #, date of birth, and 3 digits from your security number. I've always been impressed by their system.
On a side note, I love how you never have to start telling the story from the top whenever they pass you on to another service representative. As soon as they pick up the phone it's "Hello Mr ______, how can I help?" I never thought I'd say this about a bank but the HSBC rocks!
Suspicion engines (Score:4, Insightful)
Then all of a sudden, it stopped working. On the weekend.
When Monday finally rolled around she rang up the credit card company to find out what was wrong and was informed that her card had been used in a number of suspicious places - several different countries in a short space of time in a dodgy part of the world, and had automatically been stopped.
Yes she said - I'm doing a whirlwind backpacking tour of said dodgy part of the world. All that usage is legitimate. The card was re-enabled - but the process would take a couple of days during which she had to borrow money from her travelling companions.
A week later, now in some other middle eastern country (I forget where), the same thing happened.
My point? People don't always behave consistently. Life is not always stable. The real kicker is that usually when people are behaving differently than they normally do it's because they are outside of their comfort zone and really need as many things as possible to go smoothly.
A suspicion engine can prevent legitimate use of a system in these situations.
Credit Card Companies (Score:3, Interesting)
Anyway, let's just say after this experience, I ripped up my Credit Card and will never do business with FirstUSA or affiliated banks again. (AT&T credit cards too, but that's a different, longer story.)
So, basically, these "detection" systems do nothing but risk false-positives and pissing off a bunch of people.
Repeat after me... (Score:3, Insightful)
You won't be secure until you educate end users, and get them to buy in to the idea of security. The weak link is rarely the hashing algorithm or the PRNG, it's the people. If you've got a bank vault with a huge steel door and a glass window, you find a rock. As long as people keep leaving passwords written down on stickies attached to the monitor, passwords won't be worth crap.
Instituting monitoring of accounts may or may not be a good idea, depending on your particular circumstances. But calling a security mechanism useless because some people don't know how to use it right is shortsighted.
Harder to remember != Harder to guess? (Score:3, Interesting)
And the guy's example of ATMs as "getting by" for the past 20 years isn't a very good indictment of having longer, more random passwords. ATMs don't just rely on 4-digit PINs, for Christ's sake. You have to have a card, which is another layer of security. And there's also a camera at the ATM machine. I'd love to see how good ATM security turned out to be if there was no camera and a total reliance on a 4-digit PIN.
The problem here isn't that passwords are ineffective; it's user ignorance and stupidity. If companies started enforcing a strict standard of making their employees memorize a 12-digit sequence of random characters, then weak passwords in corporations wouldn't be a problem. It takes all of 15 minutes to memorize a random password through muscle memory alone.
Users need to be made aware of the repercussions of having a weak password to a network. A lot of students at my university will constantly bitch and moan about our policy of making everyone change their passwords every 60 days. We tell them it's for security. They say, "Well I don't care if someone gets into my e-mail." It's not just the student's e-mail that's at risk. It's the network. If someone obtains a legitimate username and password for an account at my school, they have access to all of our site-licensed software as well as the VPN server. With access to the VPN server comes access to the SMTP server, which means that our SMTP server could be used as a spam relay, and that hurts everyone.
Re:Physical keys and computer workstations... (Score:2)
I thought those numbers were for identification purposes. Until I had a minor problem with my W2K computer and needed an administrative password. I called the IT department and asked for a password. I was told to use the one on the computer. I replied, what password? And you've guessed it, it's the id number.
Re:Worst article I've ever read (Score:3, Insightful)
just the suggestion that security could be improved by burying challenges to the identity and access for a user somewhere deeper in the system than the UI/password mechanism we are familiar with was still