[thelist] Re: changing password design
Diane Soini
dianesoini at earthlink.net
Sat Sep 13 09:43:21 CDT 2003
I suppose as the designer you have to decide how secure does it really
have to be. If you are designing something to serve as a community, you
don't want a lot of barriers in place that will interfere with its
growth. But you probably do want some. So total security is probably
not really important for that. Just a small barrier to entry to obtain
a measure of quality.
If it is banking then you do want super tight security. And I know
nothing about that.
What I do know is I'm just like all these guys I copied below. On my
desk at work I have a post-it note with a list of all the various
passwords to all the various machines I have to log on to, especially
the ones I don't log on to very often. How secure is that? Plus, there
is one realm of the company controlled by a super tight security person
who makes it nearly impossible for you to recover your password if you
lose it. Nobody wants to deal with her. So you know what we all do? We
end up sharing our usernames and passwords so we can at least get some
work done right away, and once I even got the root password which is my
BIG SECRET that I don't tell anybody just so I can continue to get
stuff done.
I like the ideas people put forth for creating new passwords. I am
running out of options I can remember. Thanks for that.
Fact is, there is no security anywhere. Identity theft is a huge
problem.
Diane
On Friday, September 12, 2003, at 04:23 AM,
thelist-request at lists.evolt.org wrote:
> Tony Crockford wrote:
>> What is secure?
>>
>> The harder you make it for me to remember my login the more likely I
>> am
>> to write it down.
>
> I agree. I frequently curse systems that require me to thnk up a
> password that is "at least 7 characters long, including at least one
> upper case character, one lower case character and one digit" because
> they prevent me from using one of my standard 4 or 5 passwords that I
> have already commited to memory. I end up forced to write the password
> down because I haven't a chance of remembering it otherwise.
**************************************
This email comes to you via a funny, almost-Unix box named after fruit
More information about the thelist
mailing list