Password policy

ByMike McBride Reading Time: 2 minutes

After my experiences today I’m reconsidering the way I look at password policies. I had to go around and install the new drivers for that Canon copier/printer today on about 15 machines. The install involved installing the Canon LPR port, installing the print driver, restarting, and then entering the Department ID information for the print job accounting functions. So I would sit down at a PC, run the installers, and ask the user to enter their password when the PC restarted. Most of them would just tell me what the password was instead of getting up from where they had settled to type it. A couple of these folks had to get up and type it in because they couldn’t remember it. Typing it in had become such a routine that they couldn’t tell you what it was, but they could type it. That told me two things:

1) I’m obviously not making them expire often enough. (I already knew that, but since there are no direct internet-facing PC’s, everything sits behind another company’s whole network infrastructure, and it’s a small enough environment that I can keep a pretty close eye on things, I have been more lax than I would be in any other situation. I don’t make them change it as often as most of you probably do with your users.)

2. You could never use social engineering to get these people’s passwords. They can’t tell you what they are! Maybe there’s something to be said for letting people type in the same password for long periods of time, making it such a routine that they can’t give it to anyone else. 🙂

Share with your friends!
LinkedInBlueskyMastodonThreadsRedditBuffer

Similar Posts

  • How was your day?

    ByMike McBride Reading Time: 1 minute

    Here’s some pictures to show you what things around here are like today. It’s probably a good thing we both had today off work for President’s Day, there’s no way we would have made it. Especially not when you consider the one car that could handle the snow better is in the shop! Great timing!…

  • |

    Is the Internet Broken, or are We Broken?

    ByMike McBride Reading Time: 2 minutes

    I read this recent quote from an article about Ev Williams this week and something seemed oddly familiar about it: The trouble with the internet, Mr. Williams says, is that it rewards extremes. Say you’re driving down the road and see a car crash. Of course you look. Everyone looks. The internet interprets behavior like…

  • Thunderbird

    ByMike McBride Reading Time: 1 minute

    I have only used Thunderbird for about two days when I noticed that version 0.4 was available over the weekend. I don’t know whether it’s better, I was still figuring out what was in 0.3 so I don’t really know what’s new, but I downloaded it and replaced the 0.3. Consider this your head’s up…

  • Early impressions

    ByMike McBride Reading Time: 2 minutes

    Just finished up with getting my old PC installed in it’s new home, and now that I’m hot and sweaty, I figured I’d sit down and write a bit about what I like/dislike in XP after a few days of using it. Things I like: Clear Type -makes the screen so much more eye-friendly, and…

  • Novel idea

    ByMike McBride Reading Time: 1 minute

    Here’s a novel idea for your non-technical friends, and one I just came up with while having a discussion with a coworker: So you have a friend who has an old PC and wants rid of it. They don’t want to toss it in the trash, obviously, they want to drop it at a recycling…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)