IWETHEY v. 0.3.0
|
TODO
1,095 registered users | 0
active users
| 0 LpH |
Statistics
Login
|
Create New User
Welcome to IWETHEY!
IWETHEY Home
/
IWETHEY Board
/
Security Forum
/
BINGO!
Post #204,383
by
hnick
4/22/05 7:44:21 AM
Reply
BINGO!
If you have a strong password initially and you have a lockout after a few attempts, there is no point in constantly changing unrememberable passwords. It just makes things worse.
Password policy letter
- (
Silverlock
)
- (29)
- April 15, 2005, 09:46:33 AM EDT
Disagree about the expiration
- (
hnick
)
- (22)
- April 15, 2005, 10:43:10 AM EDT
"feel free to adapt"
- (
Silverlock
)
- (21)
- April 15, 2005, 11:50:01 AM EDT
Re: "feel free to adapt"
- (
Yendor
)
- (19)
- April 15, 2005, 11:52:47 AM EDT
Are you sure about that?
- (
Silverlock
)
- (18)
- April 15, 2005, 12:11:37 PM EDT
Let's say I'm a bad guy
- (
Yendor
)
- (17)
- April 15, 2005, 12:32:00 PM EDT
On the other hand
- (
JayMehaffey
)
- April 15, 2005, 01:09:01 PM EDT
Account locked after 5 bad passwords
- (
Silverlock
)
- April 15, 2005, 01:42:53 PM EDT
You are an *incompetent* bad guy
- (
ben_tilly
)
- (3)
- April 15, 2005, 02:10:27 PM EDT
Granted...
- (
Yendor
)
- (2)
- April 15, 2005, 03:18:07 PM EDT
Disagree
- (
Silverlock
)
- April 15, 2005, 04:01:40 PM EDT
But not enough to be even remotely useful
-NT
- (
ben_tilly
)
- April 15, 2005, 04:39:52 PM EDT
Re: Let's say I'm a bad guy
- (
dws
)
- (10)
- April 21, 2005, 07:47:02 PM EDT
BINGO!
- (
hnick
)
- April 22, 2005, 07:44:21 AM EDT
Yep, during security audit at gov agency I worked at
- (
tuberculosis
)
- April 22, 2005, 09:37:09 AM EDT
What's the alternative?
- (
Silverlock
)
- (6)
- April 22, 2005, 10:57:58 AM EDT
Yeabut requiring frequent changes makes it worse.
- (
Another Scott
)
- (2)
- April 22, 2005, 11:12:12 AM EDT
As I said before
- (
Silverlock
)
- (1)
- April 22, 2005, 11:44:09 AM EDT
Understood. :-)
-NT
- (
Another Scott
)
- April 22, 2005, 11:45:27 AM EDT
single signon with a 90 day passwd expiration
- (
boxley
)
- (2)
- April 22, 2005, 11:15:29 AM EDT
Single signon is a happy dream
- (
Silverlock
)
- (1)
- April 22, 2005, 11:46:37 AM EDT
Problem with SSO
- (
jbrabeck
)
- April 22, 2005, 11:57:02 AM EDT
Pretty much everyone will write it down anyways
- (
admin
)
- April 22, 2005, 01:48:35 PM EDT
Make the expiration longer than that.
- (
ben_tilly
)
- April 15, 2005, 02:12:00 PM EDT
I, like it! Me being the password Nazi at work
- (
folkert
)
- April 15, 2005, 11:25:48 AM EDT
And here
- (
jbrabeck
)
- April 15, 2005, 12:38:08 PM EDT
Make 'em use Unicode.
- (
Another Scott
)
- (1)
- April 15, 2005, 04:51:00 PM EDT
We've been looking at several alternatives
- (
Silverlock
)
- April 15, 2005, 04:54:25 PM EDT
Apart from the fact that passwords suck
- (
pwhysall
)
- April 15, 2005, 05:51:37 PM EDT
Bit of a late reply...
- (
static
)
- May 6, 2005, 12:44:47 AM EDT
i
we
they
.org
Soundtrack now available on Atlantic Records.
82 ms