[olug] The Usability of Passwords

Wed Mar 30 21:33:27 UTC 2011

   With a lot of users you have a lot of abuse. Set the bar and continuously
   send the message of coplexity.

   Dave Rowe <dave at roweware.com> wrote ..

On Wed, Mar 30, 2011 at 3:02 PM, Kevin D. Snodgrass
wrote:

> --- On Wed, 3/30/11, Dave Rowe  wrote:
> > Oh man, and you and I would not get along :/
>
> Better hope I'm never in charge of any system you need to log into then.
> :-)
>
> > Why not, instead, institute a policy that after 3 - 5 failed logins
> > the account is locked.
>
> Oh, that was in effect also.  3 strikes and you're locked out.  Gotta come
> to me to get reset.  Most people disliked the experience so much they never
> got locked out a second time.  :-)
>
> I was a BOFH before I ever read The Reg....
> http://www.theregister.co.uk/odds/bofh/
>
> Kevin D. Snodgrass
>

Congratulations?  No offense, but had I been the VP of Sales you mentioned,
it would have been you that had the bad day.  Requiring a policy where the
only to remember the password is a post-it note, is a sign of a problem,
that lies NOT with the user.

I am genuinely curious - for other admins on the list - given a lock out
scenario / delayed re-attempts (as noted in the original article) - how
_drastically_ important is the overly complex password scheme?  Even the
password change scheme?  What makes a reasonably complex password (like
oranges75) go bad after 30 days?

-Dave
_______________________________________________
OLUG mailing list
OLUG at olug.org
https://lists.olug.org/mailman/listinfo/olug

   ****************************************************************************
   *************************************** As technology extends it's teaching
   hands most will succomb to misinformation, degrading societal momentum to
   learn. Change in geology takes tens of millions of years. Change in genetics
   takes thousands of years. Change in society can happen in minutes. Careful
   what you pass along.......