Posted on 05/05/2016 4:22:20 PM PDT by Swordmaker
taxcontrol wrote: “The problem with that train of thought is that the weakest part of the vast majority of systems is the user’s password.”
I don’t dispute that. My point is that once you implement these rules for passwords, the system becomes unworkable.
For example, explain to me this. You have 30 accounts, each with a unique user name. Each must have a unique strong/complex password. Each password must be 12 characters long and contain at least two upper, two lower, two special case, and two numbers. You are not allowed to write down the user names of the passwords. Each password changes on a 90 or 150 day schedule.
Now tell how any individual can comply with these requirements. The idea that one can use a ‘cute little phrase’ is fine for one or two or three passwords. It won’t work for much more than that.
My point is this. The password maybe the weakest part of the system but imposing requirements beyond the capabilities of the human workers doesn’t help that.
I liked my last employers suggestion. I could seal each user name and each password on a slip of paper inside an envelope. Each name/password required it’s own envelope. I couldn’t write the user name on the outside of the envelope. The envelope had to be stored in a locked safe that was in another building approximately 200 yards from mine. If I needed a password, I was to walk to the other building, guess which envelope contained the user name/password, memorize the user name and password, reseal in a new envelope, and return to my office.
This whole idea of strong/common passwords is BS anyway. Take for example two passwords, each 12 characters long. Both, statistically speaking, are just as strong regardless of whether they contain special characters, upper lower case, etc., as long as they can contain those. It’s the length and the number of possible characters that drives the difficulty, not the content. When you start specifying that a password must have certain content, then it is no longer random, is less complex, and easier to break.
Bookmark
Hey...that’s exactly how it was before I retired.
I recommend 1Password for Mac, iPad, iPhone, and even Non-Apple platforms, although it’s primarily a program targetted at Apple users. I think it is the top product of this kind for the mac. I’ve been using it for many years, and except for one missing feature, I am very happy with it.
And regarding SwordMaker’s reply about you not needing such a program because of the OS-X keychain - it’s not the same thing (and btw, Windows has the equivalent of the keychain, too). 1Password let’s you store all kinds of info, generate secure passwords, fill in web forms, back up the password db, and can (optionally) synchronize the password database between computers. There is a free trial if you want to give it a whirl before buying.
Thank You!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.