Password Madness
February 11, 2007 at 2:13 pm 7 comments
Passwords are such a week security mechanism. It is so typical for people to use one or two passwords for every online account they have. If someone gets that password (perhaps a sysadmin at a web site that you use) they could use it to open all kinds of doors.
Having recognized that, I am not a big fan of web sites that try to prevent that. Today I was reviewing an account I have with GMAC Finance. They require a password with two numeric characters. I cannot imagine anything with two numbers that I can easily remember. Especially at a sit that I visit infrequently.
However, I can top that. Ministry’s Retirement Savings vendor, Diversified Investment Advisors, requires an 8 character user name. What is the sense in that? I can see an 8 character password, but the user name is the part that should be really easy to remember.
In the hospitals we have hundreds of applications. Buying products that plug into our Active Directory authentication scheme is being more and more critical. When you ask your users to remember a lot of complex passwords that change frequently will result in people writing down passwords in places they can find them.
Entry filed under: Security. Tags: .
1.
fayjdykes | February 16, 2007 at 9:48 am
Password provide us a way of security still not the complete assurance of safety.But we are using them till we will not get some other way which is more secured than the passwords.
2.
Steve | March 16, 2007 at 11:39 am
Single Sign On ??!
3.
JRM | March 17, 2007 at 11:02 pm
SSO — would be nice. So, now there will be a single point of entry/failure. While, I don’t believe that is completely ready SSO with biometrics entry would eliminate the password.
4.
Kathy Young | March 19, 2007 at 1:50 pm
1.800.idea.com ext 2446 – I’m just a call away.
http://www.idea.com/summit
5.
EJP | March 31, 2007 at 3:44 pm
for a number in personal passwords, I often choose the number of the house I grew up in— easy for me to remember, but would require some concerted effort for someone else to acquire
6.
Melanie Hime | June 7, 2007 at 11:53 pm
It is just insane the number and variety of passwords and login names I have. Some sites require passwords of 6 characters, some 8, some must have at least one numeric. Some sites want you to use your email address for the user login. I can never remember which login ID/password I used. If they would just give you a CLUE.
Password is 6 characters, Password is 8 characters plus number… etc!
7.
hospitalcio | June 8, 2007 at 10:42 pm
Since posting this I have found a new online tool for managing passwords. Check-out http://www.clipperz.com/
It stores all of your passwords online (encrypted). It also has a cool way of storing the page address and the user name and password so you can logon with a single click.
I prefer this over a program that locall stores my passwords because I use a lot of different computer.