On Mon, Mar 09, 2009 at 21:07:43 -0400,
  Tom Lane <tgl@xxxxxxxxxx> wrote:
> Kevin Kofler <kevin.kofler@xxxxxxxxx> writes:
> > Why don't we stop requiring these pointless password resets
> > altogether?
>
> +1 ... it's a demonstrated fact that forcing periodic password changes
> does not improve security. What it does do is force people to write
> down their passwords so they can remember what's current.

That is going to depend on the threat model. Forcing password resets can
secure accounts where the password has been compromised, but the user
doesn't know it. In practice I am not sure how big of a problem that is.
And changing it may only help temporarily if the method that compromised
the original password is still available.

Writing passwords down may or may not be a big problem. Keeping them in,
say, your wallet may not be a big risk. If your wallet gets stolen the
person stealing it probably isn't interested in your passwords and you
will have time to deal with the passwords. (For people with kids, a
wallet may not be a safe place to store passwords.) Keeping them in
something like password safe might also work pretty well. If the machine
that you are using to keep the encrypted passwords on is compromised,
then there is a good chance your passwords would have been snatched even
if you were typing them from memory.

What may be a bigger threat here is someone forging messages from Mike
with deceptive URLs that trick people into changing their passwords using
a hostile proxy. Doing things in the current manner is training people to
get fooled. I don't remember if Mike signed the message, but I don't
recall getting a PGP warning when I read it. (But it's been long enough
that I might have forgotten.) (I checked the URL and figured even if the
message was bogus, changing my password at the real FAS site wouldn't
hurt.)

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
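The "deceptive URLs" concern above is worth making concrete. The following is an added example, not code from the thread or from the Fedora project: it pulls every link out of an e-mail body and flags the tricks a forged "reset your password" message would lean on (userinfo before an `@` hiding the real host, a trusted name embedded in an untrusted domain, a plain-http link, punycode or non-ASCII host labels). The trusted domain `fedoraproject.org`, the `/accounts/` path and the sample message are assumptions constructed for the example.

```python
"""Added example: classify links in a password-reset e-mail before trusting them."""
import re
from urllib.parse import urlsplit

# Assumption for this example: the real account site lives under this domain.
TRUSTED_DOMAINS = ("fedoraproject.org",)

# Matches http(s) URLs in free text; trailing sentence punctuation is stripped below.
URL_RE = re.compile(r"https?://[^\s<>\"'()]+")


def host_is_trusted(host: str, trusted=TRUSTED_DOMAINS) -> bool:
    """True only if host equals a trusted domain or is a subdomain of one.

    The suffix check is done on a label boundary ("." + domain), so
    "admin.fedoraproject.org.example.net" does not pass.
    """
    return any(host == d or host.endswith("." + d) for d in trusted)


def classify_url(url: str, trusted=TRUSTED_DOMAINS) -> list[str]:
    """Return a list of human-readable warnings; an empty list means nothing looked off."""
    parts = urlsplit(url.strip())
    warnings: list[str] = []

    if parts.scheme != "https":
        warnings.append(f"scheme is {parts.scheme or 'missing'!r}, not https")

    # "https://admin.fedoraproject.org@evil.example/" parses with the trusted name as
    # *username*; the host the browser actually connects to is after the '@'.
    if parts.username is not None or parts.password is not None:
        warnings.append("URL carries userinfo before '@'; the real host follows the '@'")

    host = parts.hostname or ""  # lower-cased, port removed
    if not host:
        warnings.append("no host present")
        return warnings

    if not host.isascii():
        warnings.append("non-ASCII characters in host (possible homoglyph)")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode label in host (IDN; inspect the decoded name)")

    if not host_is_trusted(host, trusted):
        if any(d in host for d in trusted):
            warnings.append(f"host {host!r} embeds a trusted name but is not under it")
        else:
            warnings.append(f"host {host!r} is not under a trusted domain")
    return warnings


def check_message(body: str, trusted=TRUSTED_DOMAINS) -> dict[str, list[str]]:
    """Map every URL found in an e-mail body to its list of warnings."""
    urls = [u.rstrip(".,;") for u in URL_RE.findall(body)]
    return {u: classify_url(u, trusted) for u in urls}


# Constructed sample message (not a real mail from the list).
SAMPLE_MESSAGE = """Subject: Please reset your Fedora account password

Because of a possible compromise, please change your password at
https://admin.fedoraproject.org/accounts/ as soon as possible.
If that link does not work, use http://admin.fedoraproject.org.example.net/accounts/
or https://admin.fedoraproject.org@evil.example/accounts/ instead.
"""

if __name__ == "__main__":
    for url, warns in check_message(SAMPLE_MESSAGE).items():
        print(url, "->", warns or "looks legitimate")
```

Host checks like this only answer "does the link point where it claims"; they say nothing about whether the message itself is authentic, which is what a verified PGP signature on the announcement would settle.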