Comments on: Sense and Sensitivity http://www.robustmcmanlypants.org/blog/2009/06/17/sense-and-sensitivity/ Camo Pants with a Lavender Fringe Tue, 24 Jan 2012 19:14:50 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Michael http://www.robustmcmanlypants.org/blog/2009/06/17/sense-and-sensitivity/comment-page-1/#comment-13829 Michael Wed, 24 Jun 2009 04:22:07 +0000 http://www.robustmcmanlypants.org/blog/?p=932#comment-13829 Honestly? It reads to me as someone saying something just to have something to say. In the age of automated password resets, password masking is not what's at the root of all those massive coronaries in the future of support staff the world over. Neither are reset buttons. I think the point that password masking leads people to choose weak passwords <em>might</em> hold water except that I can't think of a single account I've set up this decade that <em>doesn't</em> have some sort of minimum complexity requirement. My personal philosophy on this is pretty non-standard, though. I think people should come up with one really strong password that they have no trouble remembering and then use it for as long as they want because their chief goal should be to avoid being the lowest hanging fruit in any given bunch and accept that if they, personally, are targeted then their password not timing out isn't going to be what saves them. Honestly? It reads to me as someone saying something just to have something to say. In the age of automated password resets, password masking is not what’s at the root of all those massive coronaries in the future of support staff the world over. Neither are reset buttons.

I think the point that password masking leads people to choose weak passwords might hold water except that I can’t think of a single account I’ve set up this decade that doesn’t have some sort of minimum complexity requirement.

My personal philosophy on this is pretty non-standard, though. I think people should come up with one really strong password that they have no trouble remembering and then use it for as long as they want because their chief goal should be to avoid being the lowest hanging fruit in any given bunch and accept that if they, personally, are targeted then their password not timing out isn’t going to be what saves them.

]]> By: dob http://www.robustmcmanlypants.org/blog/2009/06/17/sense-and-sensitivity/comment-page-1/#comment-13827 dob Tue, 23 Jun 2009 22:08:05 +0000 http://www.robustmcmanlypants.org/blog/?p=932#comment-13827 Just curious, what do you think of Jakob Nielsen's latest contention: http://www.useit.com/alertbox/passwords.html Just curious, what do you think of Jakob Nielsen’s latest contention:

http://www.useit.com/alertbox/passwords.html

]]> By: Michael http://www.robustmcmanlypants.org/blog/2009/06/17/sense-and-sensitivity/comment-page-1/#comment-13819 Michael Mon, 22 Jun 2009 18:40:48 +0000 http://www.robustmcmanlypants.org/blog/?p=932#comment-13819 I get that. In general, I scan the use of "sensitive," in the context of information security, to mean "oh shit what if this got stolen and someone found out?" I don't think fear makes a good long-term motivator. Hearing someone say, "I'd rather spend the money to secure this than read about its theft on the front page of the student paper," may work as a great short-term motivator but long-term fear is something that exhausts rather than bolsters. I want people to see protected/valuable/sensitive/etc. data as something in which they're investing, not something they should fear. I get that. In general, I scan the use of “sensitive,” in the context of information security, to mean “oh shit what if this got stolen and someone found out?” I don’t think fear makes a good long-term motivator. Hearing someone say, “I’d rather spend the money to secure this than read about its theft on the front page of the student paper,” may work as a great short-term motivator but long-term fear is something that exhausts rather than bolsters. I want people to see protected/valuable/sensitive/etc. data as something in which they’re investing, not something they should fear.

]]> By: A. Diggity http://www.robustmcmanlypants.org/blog/2009/06/17/sense-and-sensitivity/comment-page-1/#comment-13810 A. Diggity Thu, 18 Jun 2009 14:55:40 +0000 http://www.robustmcmanlypants.org/blog/?p=932#comment-13810 Now see, whenever I see the term "sensitive" in a context like this, the first thing that leaps to my mind is "incriminating," e.g. a set of double books or insider trading or something. Now see, whenever I see the term “sensitive” in a context like this, the first thing that leaps to my mind is “incriminating,” e.g. a set of double books or insider trading or something.

]]>