[Discuss] A Little OT: The Password Post-It
Chris O'Connell
omegahalo at gmail.com
Wed Apr 18 13:20:59 EDT 2012
So, end user training? Good point!
On Wed, Apr 18, 2012 at 1:18 PM, Richard Pieri <richard.pieri at gmail.com>wrote:
> On 4/18/2012 12:29 PM, Chris O'Connell wrote:
>
>> I guess what I'm looking for is a non-technical solution or idea of how to
>> keep users from having to write the passwords on postits.
>>
>
> Password policies are stupid.
>
> What needs to happen is that these folks need to be made to understand the
> nature of the threats involved and why protecting information is important.
> Once they understand that it is a short step for them to ask, "what can I
> do about it?" That's when things start to stick because it isn't a policy
> being put in the way of their work but their own actions protecting their
> work. Having a vested interest in good security practices means they'll be
> more likely to remember their passwords instead of needing to write them
> down. Just as importantly, when they are part of the security process like
> this they are less likely to be exploited socially.
>
> --
> Rich P.
>
> ______________________________**_________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/**listinfo/discuss<http://lists.blu.org/mailman/listinfo/discuss>
>
--
Chris O'Connell
http://outlookoutbox.blogspot.com
More information about the Discuss
mailing list