KeePass... it saved my life. Seriously though, I have suggested it to a few grandparents/parents. They love it. May need a little help setting it up but otherwise it's great from there.

On Wed, Apr 18, 2012 at 11:45 AM, Chris O'Connell <omegahalo at gmail.com> wrote:

> Greetings All,
>
> I've noticed that some of my users have been writing their passwords on
> post-its and leaving them all over the place. Our office has a Written
> Information Security Policy that each user signed, stating that passwords
> are not to be written down and stored in plain sight. Management at my
> company isn't interested in disciplining anyone regarding these violations.
>
> As some of my users are in their late 70s and late 80s, I kind of
> understand the need to write passwords down. However, some of my other
> users are just plain dumb and complain all day about how many passwords
> they have to remember and how hard their lives are as a result. One
> particularly whiny person can't remember the four digit alarm code that she
> uses every day to get into our building. As a result she has written it on
> the back of her business card and leaves it in her cell phone case.
>
> I've come to realize that making things "more secure" is actually making
> our information systems less secure. Further, adding levels of
> security is making the computer using experience at my organization more
> challenging for the already technically challenged. For example, enabling
> password complexity requirements just makes things harder for people to
> remember. The result is more passwords written on post-its.
>
> I think we, as IT professionals, have to acknowledge that not all of our
> users are as savvy as we are. Not everyone is going to be capable of keeping
> their passwords straight.
>
> Perhaps the solution is to make things easier for our end users. I'm
> thinking now that I should install a single-sign-on software on all
> workstations. Once a user logs in they will never have to enter a password
> again (after the initial setup at least). On its face, this may seem like
> a terrible solution. I'm thinking though that this might actually make
> things more secure as users will not be confused by multiple passwords.
> Hopefully, this will result in less post-it-passwords.
>
> I can then thoroughly secure the workstations by deploying Bitlocker and
> forcing the screens to lock after a certain period of inactivity. By
> securing the workstation I'm not noticeably inconveniencing users. This is
> a bit of give-and-take, but a possible win-win.
>
> I'm wondering if anyone else has had similar troubles in the past. Any
> creative solutions? I've recommended terminating at least one person here,
> but I think my boss thought I was kidding ;-)
>
> --
> Chris O'Connell
> http://outlookoutbox.blogspot.com
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
BLU is a member of BostonUserGroups.
We also thank MIT for the use of their facilities.