Re: Linking Password Length to Write-down probability

From: Nick Owen (nowen_at_wikidsystems.com)
Date: 05/27/05

    Date: Fri, 27 May 2005 11:44:31 -0400
    To: Stian Øvrevåge <sovrevage@gmail.com>
    
    

    I think it would be hard to link writing down passwords to just the
    length and complexity. I would think that the number of passwords a
    person has would be a bigger factor. I think it would be hard to
    account for that - since so many would be outside the enterprise.

    Stian Øvrevåge wrote:
    > Good morning list!
    >
    > I continually read papers which advertise increased password lengths
    > (and outrageous complexity requirements) as The Solution(TM). I work
    > in a fairly large organization and I can safely acknowledge that even
    > 8 character passwords with moderate complexity requirements are VERY
    > prone to being written un-encrypted and un-hashed on Post-Its, and
    > then safely contained, under the keyboard, or on the monitor. Which in
    > my humble opinion is bordering on "stupid security".
    >
    > I'm certain that there is a link between required password length and
    > complexity and the probability of users taking the huge leap backwards
    > and writing passwords down.
    >
    > I've been doing a little Googling, but I can't seem to find any
    > scientific analytical/statistical research done on this particular
    > subject. Is anyone out there aware of any works done in this field? If
    > not, is there anyone interested in conducting such a survey on
    > behalf of the community?
    >
    > Regards, Stian
    >

    -- 
    Nick Owen
    WiKID Systems, Inc.
    404.962.8983 (desk)
    404.542.9453 (cell)
    http://www.wikidsystems.com
    At last, two-factor authentication, without the hassle factor
    
