RE: Security procedure question

["Craig Wright" <cwright () bdosyd com au>]

They are ... at least in a format which may be analysed offline with a
card reader and a little time.

How do you think they can do offline cash dispersal...

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Mario A. Spinthiras
Sent: Tuesday, 3 October 2006 7:37 PM
To: Pranav Lal
Cc: security-basics () securityfocus com
Subject: Re: Security procedure question

Pranav Lal wrote:
> Hi all,
>
> I remember reading somewhere that one practice for having strong
passwords
> was to allow the users to write them down but treat the paper on which
they
> were written like a credit card. If I remember correctly, the argument
went
> that since people don't leave credit cards lying around, they would
not
> leave their passwords lying around either.
>
> Has anyone tried this approach?
>
> Pranav
------------------------------------------------------------------------
---
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic
Excellence
> in Information Security. Our program offers unparalleled Infosec
management
> education and the case study affords you unmatched consulting
experience.
> Using interactive e-Learning technology, you can earn this esteemed
degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
>  
If that where the foolish case then the intoxicated gentlemen that wrote

the referred subject scenario that you read is mistaken. If this was
indeed the case then ATM PIN codes would be written on the credit cards
:)


Regards,
Mario A. Spinthiras

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence
in Information Security. Our program offers unparalleled Infosec
management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------