International Skeptics Forum - View Single Post - Dear Users… (A thread for Sysadmin, Technical Support, and Help Desk people) Part 10

catsmate · 10th May 2022, 04:59 AM

Originally Posted by HansMustermann

Conversely: dear admins: there's a fine line between "security" and "dumb covering your ass at the user's expense." Asking that I must have a 20 character password^*, including two large prime numbers, characters from old elvish script or demonic runes, and the entrails of a sacrificial goat, has nothing to do with security. In fact, it's the polar opposite of security. About 99% of humans, when asked to remember something like that, will do one or more of the following:
- reuse the hell out of it, because <bleep> remembering three dozen of THOSE abominations
- make it something trivial like their name and birthday
- tape it onto the monitor

That's not enforcing security. It's just so some dumbass in the IT department can say "not my fault" when (not if) something happens.

^* Not even hyperbole. I literally just got complained at by a machine because my password wasn't 20 characters long. Literally.

Take a line of poetry at cetera and use that.

10th May 2022, 04:59 AM	#1024
catsmate No longer the 1 Join Date: Apr 2007 Posts: 27,072	Originally Posted by HansMustermann Conversely: dear admins: there's a fine line between "security" and "dumb covering your ass at the user's expense." Asking that I must have a 20 character password^, including two large prime numbers, characters from old elvish script or demonic runes, and the entrails of a sacrificial goat, has nothing to do with security. In fact, it's the polar opposite of security. About 99% of humans, when asked to remember something like that, will do one or more of the following: - reuse the hell out of it, because <bleep> remembering three dozen of THOSE abominations - make it something trivial like their name and birthday - tape it onto the monitor That's not enforcing security. It's just so some dumbass in the IT department can say "not my fault" when (not if) something happens. ^ Not even hyperbole. I literally just got complained at by a machine because my password wasn't 20 characters long. Literally. Take a line of poetry at cetera and use that.
	__________________ As human right is always something given, it always in reality reduces to the right which men give, "concede," to each other. If the right to existence is conceded to new-born children, then they have the right; if it is not conceded to them, as was the case among the Spartans and ancient Romans, then they do not have it. For only society can give or concede it to them; they themselves cannot take it, or give it to themselves.