Screensaver takes too much time to fade-out...

Robert Moskowitz rgm at htt-consult.com
Fri Dec 16 18:08:53 UTC 2011


On 12/16/2011 12:45 PM, Patrick O'Callaghan wrote:
> On Fri, 2011-12-16 at 17:21 +1030, Tim wrote:
>> On Thu, 2011-12-15 at 13:08 +0000, Jake Shipton wrote:
>>> My next advice would be to do the following:
>>>
>>> 1) Regularly change your password, say every 3/6 months.
>> Personally, I don't see the point in this.  I think it's a fallacy.
> +1
>
> This is one of those corporate "Best Practices" which someone made up
> back in the mainframe era when dinosaurs roamed the Earth.

And passwords were limited to 8 characters.  I remember the days well.

> It may have
> made a little sense then. I believe the argument was "You're going to
> make up some lame password anyway, so at least change it from time to
> time". It makes absolutely no sense now. Use a password generation tool
> or one of the many ways of getting a memorable but hard to guess
> passphrase.
>
> Unfortunately, a large part of the corporate Internet hasn't got the
> memo, so they keep forcing you to go through this nonsense. I just went
> through a security audit in which the external auditors insisted on it
> over our strenuous objections. I think we're going to replace passwords
> with a token-based authentication system, which is a damned sight more
> secure anyway.

Again, read:  http://www.cryptosmith.com/password-sanity

Richard can supply your IT with some common sense.  Or if they prefer 
Schneier, I can probably contact him for a reference URL...

We just switched from the RSA hard tokens to the soft tokens.  'More' 
secure.  This is an interim step, as we are expecting to be eating our 
own dog food sooner rather than later.



