Educause Security Discussion mailing list archives
Re: Please do not change your password
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Fri, 16 Apr 2010 10:27:54 -0400
On Fri, 16 Apr 2010 08:49:01 CDT, "Tonkin, Derek K" said:
I think a lot of the confusion and difficulty could be reduced by losing the thinking that each password âif I'm responsible, needs to be differentâ. I think this is one of those areas where the cost vs. risk mitigated is badly out of balance. Youâve clearly established that you basically have two sets of information, sensitive and non-sensitive. To me that would indicate the need for two passwords.
Except that in most cases, the "sensitive" information can't be treated as "sensitive to the same constituency", so it can't be blindly lumped together as "two sets of info".
Attachment:
_bin
Description:
Current thread:
- Re: Please do not change your password, (continued)
- Re: Please do not change your password Steve Werby (Apr 15)
- Re: Please do not change your password Alex Keller (Apr 15)
- Re: Please do not change your password John Ladwig (Apr 15)
- Re: Please do not change your password Tom Talley (Apr 15)
- Re: Please do not change your password Eric Case (Apr 15)
- Re: Please do not change your password Eric Case (Apr 15)
- Re: Please do not change your password John Ladwig (Apr 15)
- Re: Please do not change your password Geoff Nathan (Apr 16)
- Re: Please do not change your password Allison Dolan (Apr 16)
- Re: Please do not change your password Tonkin, Derek K (Apr 16)
- Re: Please do not change your password Valdis Kletnieks (Apr 16)
- Re: Please do not change your password Tonkin, Derek K (Apr 16)
- Re: Please do not change your password Koerber, Jeff (Apr 16)
- Re: Please do not change your password Eric Case (Apr 16)
- Re: Please do not change your password Matthew Gracie (Apr 16)
- Re: Please do not change your password Steve Werby (Apr 16)
- Re: Please do not change your password Kevin Kelly (Apr 16)
- Re: Please do not change your password Russell Fulton (Apr 17)