Re: Security doesn't work (article)
This entire article is full of logical straw-men. We shouldn't have to change passwords because hackers are focusing on phishing attempts. We shouldn't have strong passwords because password tables are 'rarely stolen' ? This is laughable. Please, let me know when your company employs these strategies so I can sell some identities to the Russians.
-
Security doesn't work (article)
I really hate our idiotic IT policy that forces us to change our windows passwords. 10 chars+, upper/lower, number, and punctuation. That part's fine, that makes for a big keyspace. The problem is that they make us change it every 90 days, and you can't reuse from the last 10 passwords.
This article shows that policies like that really are idiotic :)
1) How often does someone lift a password file, take the time to crack it, and then come back in later? Most "cyber crime" seems to be phishing and other "live" attacks.
2) Prompting endlessly (FUCK YOU INTERNET EXPLORER) about "security warnings" just trains users to click "ok"
http://www.boston.com/bostonglobe/id...your_password/
Leave a comment: