Firewall Wizards mailing list archives
RE: Stanford break in
From: "Paul D. Robertson" <paul () compuwar net>
Date: Thu, 22 Apr 2004 18:15:30 -0400 (EDT)
On Thu, 22 Apr 2004, Laura Taylor wrote:
You need some user behavior/rules of engagement policies to deal with users bringing home password files and cracking them. And they should be enforced. Laura
Ron's main point (I think) is that you can't enforce strong password policies everywhere in an organization, so folks who want to circumvent those policies will do so, and the net result of stronger passwords is lost. Non-trivial passwords, I agree with, but "strong passwords" really just piss off users without much overall affect to the organization's security posture if there's enough disparate system types (or if users simply use that password everywhere so they can remember it.) Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Stanford break in Chuck Vose (Apr 22)
- Re: Stanford break in Paul D. Robertson (Apr 22)
- RE: Stanford break in Victor Williams (Apr 22)
- Re: Stanford break in Chuck Vose (Apr 22)
- Re: Stanford break in Darren Reed (Apr 22)
- Re: Stanford break in Carric Dooley (Apr 22)
- Re: Stanford break in R. DuFresne (Apr 22)
- RE: Stanford break in Laura Taylor (Apr 22)
- RE: Stanford break in R. DuFresne (Apr 22)
- RE: Stanford break in Chuck Vose (Apr 22)
- RE: Stanford break in Paul D. Robertson (Apr 22)
- RE: Stanford break in Victor Williams (Apr 22)
- RE: Stanford break in R. DuFresne (Apr 22)
- RE: Stanford break in Carric Dooley (Apr 23)
- RE: Stanford break in Victor Williams (Apr 23)
- Re: Stanford break in R. DuFresne (Apr 22)
- Re: Stanford break in Paul D. Robertson (Apr 22)
- Re: Stanford break in mlh (Apr 23)
- Re: Stanford break in Luca Berra (Apr 23)
- Re: Stanford break in Adam Shostack (Apr 22)
- Re: Stanford break in Carric Dooley (Apr 23)
- Passwords (was: Stanford break in) Ben Nagy (Apr 23)