Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spafford On Security Myths and Passwords

Posted by ryuzaki0 on Monday April 24, 2006 @05:41PM from the mostly-just-laziness dept.

An anonymous reader writes "In a recent blog post, Eugene Spafford examines password security along with related issues and myths. In particular, he discusses how policies that may not necessarily make much sense anymore end up being labeled 'best practices,' and then propagated based on their reputation as such."

1 of 356 comments (clear)

Min score:

Reason:

Sort:

Auto change? by posterlogo · 2006-04-24 18:37 · Score: 0, Redundant

Wouldn't it be simple to set the system to automatically request a password change from the user at manageable intervals? I know it's a "shove it down their throat" approach to security, but if it works...
Then again, changing passes too frequently causes people to forget them and the end up writing them down, which might be worse. I dunno, it's a tough nut to crack. Need something unique to the person... biometric, RFID, retinal scan, brain wave scan, etc.