Re: 1 in 3 workers write down passwords

["Dude VanWinkle" <dudevanwinkle () gmail com>]

On 10/17/06, Drsolly <drsollyp () drsolly com> wrote:
> On Tue, 17 Oct 2006, Dude VanWinkle wrote:
> > NEW YORK (Reuters) - One in three people write down computer
> > passwords, undermining their security
>
> No, that enhances their security.


On 10/17/06, Richard M. Smith <rms () bsf-llc com> wrote:
> Sounds like someone is promoting biometrics.
>
> I wonder if anyone has taken the next step and figured out how many systems
> are actually being compromised due to passwords being written on yellow
> stickies.


hmm, I think I know at least two people who write down their passwords ;-)

seriously though, the big deal about writing down passwords is not the
threat from external hackers, but rather abuse from internal threats.
i wouldn't want the guy from payroll writing down his password and
then have the helpdesk people find it.

Also, I remember one case where a building services employee found a
password written down at one of the desks while he was cleaning after
work hours. It took a lot of time and investigation and convincing
before the IT staff agreed it wasnt the person assigned to that PC who
downloaded the pr0n (and accompanying malware) onto his computer. It
took even longer before we stopped making fun of him for it. ;-)

-JP
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.