Passwords

Apr. 7th, 2005 02:34 pm
[identity profile] anivair.livejournal.com posting in [community profile] techrecovery
A recent exchange about password security.

Collections Manager: Why can't she use this as a password, nobody's going to guess that!
Me: Keith . . . that's the first three letters of her first name and the first two letters of her last name. I'm not using her name as her password.
Collection Manager: Nobody's going to guess that! I'd bet you a thousand dollars.

Right. you do that. The fact that you wouldn't guess it doesn't mean about a thousand other people wouldn;t.

And even if they don't and even if she's just a collector and doesn't have much power on the system I am not in the habit of letting people use weak passowrds. Period.

What a bad idea.

Fortunately, his opinion on computer security means exactly nothing.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Date: 2005-04-07 06:47 pm (UTC)
jecook: (Default)
From: [personal profile] jecook
Make it corporate policy, and get it wirtten in the policy manaul. This way they don't have a leg to stand on.

Date: 2005-04-07 06:50 pm (UTC)
From: [identity profile] valiskeogh.livejournal.com
reminds me of the call where the guy was quite suprised when i told him that "password" was NOT a good password...

Date: 2005-04-07 07:00 pm (UTC)
From: [identity profile] kalidor.livejournal.com


Actually that was one of the things I mentioned in the corporate policy template I prepared for one of his bosses. Unless ... my boss edited the policy before giving it to his boss because he didn't like it being too secure ... ?

Date: 2005-04-07 07:03 pm (UTC)
From: [identity profile] kalidor.livejournal.com
And note .. I shoulda sent you my original draft for a corporate policy template ...in case it somehow got intercepted and changed before it reached your companies fax machine .... mysteries ...

Date: 2005-04-07 07:30 pm (UTC)
From: [identity profile] jacobine.livejournal.com
I admit, we let our users have all sorts of passwords. Our main requirement: it has to be at least 8 characters. (Given when I started, it had to be 5, this is progress. But oh, the users bitch whenever we change it!)

I do set passwords to password sometimes... usually with the 'must change password at next login' box checked :)

Date: 2005-04-07 07:40 pm (UTC)
From: [identity profile] rhonan.livejournal.com
Hell I've used my cat's name as a password, and I don't think that's all that weak.

Date: 2005-04-07 07:44 pm (UTC)
From: [identity profile] jahbulon.livejournal.com
Unless your cat's name is a random string of alphanumeric digits known only to you, it is a weak password.

If anyone knows you and wants to get into your password protected systems, they'll probably try your pet names. It may not be likely to happen, but that is irrelevant.

Date: 2005-04-07 07:52 pm (UTC)
From: [identity profile] rhonan.livejournal.com
Well, it was at work, and my cat's name is $kr1p7_k177y.

Date: 2005-04-07 08:14 pm (UTC)
From: [identity profile] jahbulon.livejournal.com
Hehe cute..

Date: 2005-04-07 08:26 pm (UTC)
From: [identity profile] rhonan.livejournal.com
Da, his brother is 'Five".

Date: 2005-04-07 11:04 pm (UTC)
From: [identity profile] methedras.livejournal.com
We couldn't give a rat's about people's passwords. Haha.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Profile

techrecovery: (Default)
Elitist Computer Nerd Posse
Tech Comedy (Reddit)

April 2017

S M T W T F S
      1
2345678
91011121314 15
16171819202122
23242526272829
30      

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 20th, 2026 08:10 pm
Powered by Dreamwidth Studios