Typical password advice is to change the password regularly, say every 90 days. But for what reasons?
If the problem is linearly proceeding login cracking (either brute force or dictionary), then nothing says the change helps: the changed password might actually be weaker. E.g. if it is nnn and cracking starts from a, and the user changes it to klm, then it is cracked faster.
If it is hash cracking, then the usage lifetime of a potentially cracked password is shorter.
So the whole setting rests on the assumption that hashed passwords are stolen?
Why is there no password policy that checks the length (or complexity) of the password and rewards the user with a longer lifetime? This could probably lessen service desk tickets for forgotten passwords, and users might select better passwords since they would not collect so much historical garbage, etc.
- Posted using BlogPress from my iPad
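The two points of the post above, the guessing-order argument and a policy that rewards stronger passwords with a longer lifetime, as an added example that is not part of the original post. The a-to-z, shortest-first guessing order, the strength estimate and the lifetime tiers are assumptions chosen for illustration.

```python
import math
import string

ALPHABET = string.ascii_lowercase  # assumption: guesses run a..z, shortest first

def guess_rank(password: str, alphabet: str = ALPHABET) -> int:
    """1-based position of `password` in the order a, b, ..., z, aa, ab, ..."""
    rank = 0
    for ch in password:
        rank = rank * len(alphabet) + alphabet.index(ch) + 1
    return rank

def estimated_bits(password: str) -> float:
    """Upper-bound strength estimate: length * log2(size of character classes used).
    It overrates dictionary words and reused patterns, so treat it as a ceiling."""
    if not password:
        return 0.0
    classes = 0
    classes += 26 if any(c.islower() for c in password) else 0
    classes += 26 if any(c.isupper() for c in password) else 0
    classes += 10 if any(c.isdigit() for c in password) else 0
    # Anything else (punctuation, spaces, uncased scripts) counts as one more class.
    other = any(not (c.islower() or c.isupper() or c.isdigit()) for c in password)
    classes += 33 if other else 0
    return len(password) * math.log2(classes)

# Hypothetical tiers (minimum estimated bits, lifetime in days), strongest first.
LIFETIME_TIERS = [(80, 730), (60, 365), (45, 180), (0, 90)]

def lifetime_days(password: str) -> int:
    """Longer or more complex passwords earn a longer time before forced change."""
    bits = estimated_bits(password)
    for min_bits, days in LIFETIME_TIERS:
        if bits >= min_bits:
            return days
    return LIFETIME_TIERS[-1][1]

if __name__ == "__main__":
    # "nnn" and "klm" are the post's own example; the other values are constructed.
    for old, new in [("nnn", "klm")]:
        print(f"{old}: guess #{guess_rank(old)}, {new}: guess #{guess_rank(new)}")
    for pw in ["klm", "Tr0ub4dor&3", "correct horse battery staple"]:
        print(f"{pw!r}: {estimated_bits(pw):.1f} bits -> {lifetime_days(pw)} days")
```

The check has to run at the moment the password is set, since that is the only time the service sees the plaintext; the resulting expiry date is what gets stored.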
Tuesday, May 01, 2012
Sunday, April 08, 2012
Quote to describe the times
“we’ve left our future largely in the hands of people whose single greatest characteristic is that they are bewildered by the present.” Joshua Cooper Ramo
Sunday, February 19, 2012
organizational dissonance, vol n
Years back I was working in a special niche area organization. At one point the company hired a professional managing director to lead the company, which turned out to be a mistake. As the MD did not understand the area, he hired more managers.
Apparently there is a thought that if you are a manager then you magically understand the content and context. Compare this also to the old joke of the rowing competition where one team has one person rowing plus a team lead, purser, captain etc., and the other team has one steering (the captain) and all the others are rowing.
Even though we are entering, or some have entered, the information/knowledge era, the work, or how it is done, is at many places still based on the industrial factory age: wake up early, be seen at the office, as if you are not trusted to do work unless your boss sees you all the time.
The change of era requires changes in the way of working, management and leadership. Indeed, the biggest hurdle might hit incompetent managers who are not able to trust and manage subordinates who might know more about the content of the work and are geographically distributed. The inability to realize this prevents organizations from growing and accelerating, as it is like having a race where your team goes at the speed of the slowest person while the competitor does not have slow runners at all.