[Discuss] A Little OT: The Password Post-It
John Abreau
abreauj at gmail.com
Sat Apr 21 15:42:16 EDT 2012
On Apr 20, 2012, at 7:53 PM, Richard Pieri <richard.pieri at gmail.com> wrote:
> You can layer more and more complexity in order to cover these loopholes and improve your warm, fuzzy feeling of security. Or you can do something simple: lock the door. Maintain good physical site security. Then it won't matter if users write their passwords on post-it notes. If attackers can't gain physical access then those post-its do them no good. Problem solved.
>
Because external threats are all that matter. After all, internal attacks are almost unheard of; according to most security experts, only 85% of security breaches are inside jobs.
More information about the Discuss
mailing list