Biggest security problem--it's human
If we can rely on one other certainty in this world other than death and taxes, it is forgotten passwords. It's an ailment that affects us all, and we all have our own ways of dealing with it. Some of us stick to a single password that we use everywhere--whether it's a pet's name, a memorable date or the make of our monitor. Some of us use one password for each service we access, and then promptly forget each and every one. Some of have thrust upon us by (rightly) paranoid system admins very safe, very convoluted passwords that we promptly write down on a post-it note and stick to our monitors. A few very peculiar souls actually make up their own very safe, very convoluted passwords (over eight characters with non-alpha characters please) that they actually remember them, but I'm not convinced that these people actually exist.
The problem with passwords is that they are so essential but so susceptible to human nature--which, as someone once said, cannot be slandered; it is worse than words can paint it. Passwords have an uncommon ability to draw out from the most successful, sensible and intelligent individual, an idle Neanderthal with the memory of a lobotomized goldfish. They make us stupid, but we should all by now have come to expect and accept that.
[ Read more ]
- Article: How to Use Passwords Securely (22 April 2003)
- Article: Implementing Basic Security Measures (14 April 2003)
- Article: Cracking OpenVMS Passwords with John the Ripper (28 November 2002)
- Article: What makes a good Password? (13 November 2002)
- Article: A Note on Proactive Password Checking (24 September 2002)
- Article: Basic security with passwords (24 May 2002)
- Article: Passwords - The Weak Link (1 April 2002)