Passwords. You must use caps, lower-case, numbers, and special characters, too. In addition, they should be a minimum of 24 characters and change every 90 days, etc.. Its all crap. Dont believe this stuff. Firstly, almost all passwords are given away, either by using stupid obvious passwords, or by leaving a list of passwords somewhere where they can be discovered. Second, hackers rarely can actually crack your password, whether they be 64, 128, 256, or 512-bit. Forcing all of these password rules (like the DoD does) only forces people to write down passwords where they can ultimately be discovered by someone else. This is because people nowadays have multiple accounts with different password rules, making it difficult to keep track of all those passwords. Third, the biggest problem government and firms have these days is that the data itself is being hijacked because of faulty security built into the sites and servers that actually house their data. Your account is more likely to be hacked, along with thousands of others at the same time - because the facilities that store and keep the data have huge holes. Forcing passwords to expire (and not being able to use the same passwords used in the past) makes it simply impractical for people to manage account passwords (even using password manager apps) without leaving them dangerously exposed to discovery by others. Network and domain admins, Im talking to YOU - especially the feds. Let people use what they WANT to use so that they can keep it in their heads, rather than in a word doc, text file, or note pad. Im no security expert, but I dont need to be to see the common sense rule is better than the 24 character rule.
Posted on: Fri, 29 Aug 2014 17:04:54 +0000
Recently Viewed Topics
© 2015