[F8] fingerprint scanner

John Summerfield debian at herakles.homelinux.org
Sun Dec 2 00:45:08 UTC 2007


Tom Horsley wrote:
> On Sun, 02 Dec 2007 08:45:10 +0900
> John Summerfield <debian at herakles.homelinux.org> wrote:
> 
>> To defeat the "change your password" myth, google '"best practice" 
>> password security.' There's a paper I've turned up a couple of times, 
>> most recently in the past week, where a professor argues changing 
>> passwords regularly might have been a good idea 40 years ago, but not 
>> now. His argument seems good to me, and I've not changed my preferred 
>> password in over five years (and I've not disclosed it to anyone).
> 
> Hey! I know it's a myth, but it is dear to the hearts of the
> morons running the Sarbanes-Oxley audits at work, so changing
> passwords it is. Of course, as expected, they only care about the
> passwords in the Windows domain. No one has changed their
> linux password in years :-)..
> 
Your saying it's a myth is one thing, a well-reasoned paper from a 
professor another. Consider it a reference to an authority on the 
subject, the kind of witness you'd like on your side in a court of law. 
Particularly, if you can find some other authoritative papers supporting 
your view.


Me, my boss said change everyone's password each month. I said, 
"Considering the problem they have with the first password, how should 
we do it?" His response, "Tell me when you have a procedure," and that's 
where the matter has rested for a year or two. If he ever recalls the 
matter, I will present a suggestion for a pilot to run for some period 
of time, where _his_ password gets changed regularly. Probably, I will 
print it on his printer then change to the new password.

We use a password generator, and the password's sole use for general 
users is to send/receive email on their laptops. Emailing new passwords 
might be fun, until the Air Movement Device becomes coated with sticky 
brown stuff...

The fingerprint scanner would work fairly well for this. There's only 
one person around who could even come close to breaking it, and I don't 
need to.




-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)



