The other security problem

Posted Apr 24, 2003 1:56 UTC (Thu) by mark (guest, #1921)
Parent article: The other security problem

The problem IMO is not that people are stupid, as the article seems to suggest. All this demonstrates is that *passwords* are stupid. They are a throwback to the same days that brought us SMTP and telnet.

There are at least two important reasons why passwords are stupid.

Firstly, people share passwords to solve problems caused by software and business processes that don't adequately support their needs. Sharing passwords is orders of magnitude easier than fixing software or business problems.

Second, we store passwords in cleartext in people's heads when we would never consider doing so in our computer. But it's much easier to get access to someone's head than to someone's hard drive. Why do we keep blaming the people for being "stupid" when it's the way that we store the password that's at fault?

Cheers
Mark



The other security problem

Posted Apr 24, 2003 2:19 UTC (Thu) by Ross (subscriber, #4065)

So you only store encrypted passwords in your brain? :) Do you use symmetric or public key encryption? Where do you store your encryption password?

The other security problem

Posted Apr 24, 2003 6:31 UTC (Thu) by amikins (guest, #451)

I just use rot13; I don't have enough wetware cycles for anything more advanced.

The other security problem

Posted Apr 24, 2003 19:45 UTC (Thu) by iabervon (subscriber, #722)

I store my passwords as motor programs. They're much harder to blurt out accidentally than character sequences...
