BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] deadmanish login?
- Subject: [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- Date: Tue, 31 Jan 2017 13:56:08 -0500
- In-reply-to: <06141298-c219-9046-ef6f-49d818edd35e@napc.com>
- References: <iydoKFG1q6EvZNl6T2sztfNEyMK3eE7jp_2ZXrcPTgVFK1IPE5deLwZcViB_xDQMcb16enHDIBp9gek18AIxu5VrLtdgSHK6qEOO91dh2nA=@protonmail.com> <20170131014651.GA21915@newtao.randomstring.org> <1cca093a-2f5b-c105-0288-5f435c11104e@borg.org> <e94de5ff-7644-d501-ccb4-fd4a6b32ff7a@napc.com> <565bdd82-c70e-3e64-6786-63f9b8de12da@borg.org> <06141298-c219-9046-ef6f-49d818edd35e@napc.com>
On 01/31/2017 11:30 AM, Grant NAPC wrote: > I think it's better to train them how to create those passwords on > their own and then require them to change them so that should they > reuse them elsewhere then they are only a concern for 90 days or whatever. I am not saying that forcing a password on users is good--I am undecided... The problem with rotating passwords is how in hell to manage them. Once upon a time, when hardly anyone had a password and those who did had but a single password, it was easy. But now there are a lot. As a practical matter, how do you expect users to know their new password if you make them change it every few weeks? Serious question. -kb
- References:
- [Discuss] deadmanish login?
- From: sillystring at protonmail.com (Eric Chadbourne)
- [Discuss] deadmanish login?
- From: dsr at randomstring.org (Dan Ritter)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: gmongardi at napc.com (Grant NAPC)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: gmongardi at napc.com (Grant NAPC)
- [Discuss] deadmanish login?
- Prev by Date: [Discuss] deadmanish login?
- Previous by thread: [Discuss] deadmanish login?
- Next by thread: [Discuss] deadmanish login?
- Index(es):
