Re: [F8] fingerprint scanner

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tom Horsley wrote:
On Sun, 02 Dec 2007 08:45:10 +0900
John Summerfield <debian@xxxxxxxxxxxxxxxxxxxxxx> wrote:

To defeat the "change your password" myth, google '"best practice" password security.' There's a paper I've turned up a couple of times, most recently in the past week, where a professor argues changing passwords regularly might have been a good idea 40 years ago, but not now. His argument seems good to me, and I've not changed my preferred password in over five years (and I've not disclosed it to anyone).

Hey! I know its a myth, but it is dear to the hearts of the
morons running the Sarbanes-Oxley audits at work, so changing
passwords it is. Of course, as expected, they only care about the
passwords in the Windows domain. No one has changed their
linux password in years :-)..

Your saying it's a myth is one thing, a well-reasoned paper from a professor another. Consider it a reference to an authority on the subject, the kind of witness you'd like on your side in a court of law. Particularly, if you can find some other authoritative papers supporting your view.


Me, my boss said change everyone's password each month. I said, "Considering the problem they have with the first password, how should we do it?" His response, "Tell me when you have a procedure," and that's where the matter has rested for a year or two. If he ever recalls the matter, I will present a suggestion for a pilot to run for some period of time, where _his_ password gets changed regularly. Probably, I will print it on his printer then change to the new password.

We use a password generator, and the password's sole use for general users is to send/receive email on their laptops. Emailing new passwords might be fun, until the Air Movement Device becomes coated with sticky brown stuff...

The fingerprint scanner would work fairly well for this. There's only one person around who could even come close to breaking it, and I don't need to.




--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux