Educause Security Discussion mailing list archives
Re: Password expiration - was Re: [SECURITY] Security Awareness Programs
From: Von Welch <von () VONWELCH COM>
Date: Thu, 3 Apr 2014 10:45:18 -0400
That being said, I'm pinning my hopes on multi-factor authentication.
Every multi-factor I’ve seen in wide use today is password plus something. Do password policies go away if there is a additional factor? Von On Apr 3, 2014, at 8:50 AM, Roger A Safian <r-safian () NORTHWESTERN EDU> wrote:
Ultimately, I'm not finding the benefit strong enough to move me from my core belief that it's not worth the usability trade-off and we should instead be focusing energy getting users to use password managers. But I admit that's subjective.I'm not sure that password managers will take off. The whole password system is little more than an annoyance to most users, and until that changes, we're just expending a lot of energy, mostly needlessly. That being said, I'm pinning my hopes on multi-factor authentication. Maybe one of us will get lucky.
Current thread:
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Shane Williams (Apr 02)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Von Welch (Apr 02)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Roger A Safian (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Von Welch (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Flynn, Gary - flynngn (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Roger A Safian (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Mike Cunningham (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Roger A Safian (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Carlos Lobato (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Chris Green (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Roger A Safian (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Rich Graves (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Von Welch (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Von Welch (Apr 02)
- <Possible follow-ups>
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Shane Williams (Apr 03)
- Re: Password expiration - was Re: [SECURITY] Security Awareness Programs Joe St Sauver (Apr 03)