[thelist] Re: changing password design

Diane Soini dianesoini at earthlink.net
Sat Sep 13 09:43:21 CDT 2003


I suppose as the designer you have to decide how secure does it really 
have to be. If you are designing something to serve as a community, you 
don't want a lot of barriers in place that will interfere with its 
growth. But you probably do want some. So total security is probably 
not really important for that. Just a small barrier to entry to obtain 
a measure of quality.

If it is banking then you do want super tight security. And I know 
nothing about that.

What I do know is I'm just like all these guys I copied below. On my 
desk at work I have a post-it note with a list of all the various 
passwords to all the various machines I have to log on to, especially 
the ones I don't log on to very often. How secure is that? Plus, there 
is one realm of the company controlled by a super tight security person 
who makes it nearly impossible for you to recover your password if you 
lose it. Nobody wants to deal with her. So you know what we all do? We 
end up sharing our usernames and passwords so we can at least get some 
work done right away, and once I even got the root password which is my 
BIG SECRET that I don't tell anybody just so I can continue to get 
stuff done.

I like the ideas people put forth for creating new passwords. I am 
running out of options I can remember. Thanks for that.

Fact is, there is no security anywhere. Identity theft is a huge 
problem.

Diane

On Friday, September 12, 2003, at 04:23 AM, 
thelist-request at lists.evolt.org wrote:

> Tony Crockford wrote:
>> What is secure?
>>
>> The harder you make it for me to remember my login the more likely I 
>> am
>> to write it down.
>
> I agree. I frequently curse systems that require me to thnk up a
> password that is "at least 7 characters long, including at least one
> upper case character, one lower case character and one digit" because
> they prevent me from using one of my standard 4 or 5 passwords that I
> have already commited to memory. I end up forced to write the password
> down because I haven't a chance of remembering it otherwise.
**************************************
This email comes to you via a funny, almost-Unix box named after fruit



More information about the thelist mailing list