Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User camieabz
(sensei) Sat 12-Sep-15 19:35:35
Print Post

"Stop using difficult-to-guess passwords" - GCHQ


[link to this post]
 
http://www.independent.co.uk/life-style/gadgets-and-...

Ahem!

Impact of forgetting password v impact of compromised password?
Standard User Kenneth
(legend) Sat 12-Sep-15 19:44:50
Print Post

Re: "Stop using difficult-to-guess passwords" - GCHQ


[re: camieabz] [link to this post]
 
TheRegister seems to have a better write up and the advice wasn't about password strength - rather the rules the sites try and impose such on passwords.- they also suggest allowing use of "use of password storage lockers"

Ken

Nostalgia is memory with the pain removed
Standard User camieabz
(sensei) Sat 12-Sep-15 20:04:07
Print Post

Re: "Stop using difficult-to-guess passwords" - GCHQ


[re: Kenneth] [link to this post]
 
Hmm. Eggs in the basket is not my preferred method, but it might suit some types of user/business.

I tend to have three types of password. Very strong (15-30 characters depending on any limitations) for router and web accounts that are critical, such as admin access to websites. Strong (10-20), usually made up of 2-3 words known only to me and a random number for things like online purchasing, and weak 8-10 characters for protected files.

I'm the only user of this PC, and that's the best security of all. Know who uses what, and what access they have to any systems. Also apply group security according to risk / impact / user savvy.

Regarding the GCHQ advice, I thought it less than sensible to the have the 'leading' IT security organisation (or the one we all think should be leading), giving advice to relax. That should come from IT management on a business by business or mission by mission basis.


Register (or login) on our website and you will not see this ad.

Standard User Kenneth
(legend) Sat 12-Sep-15 21:10:16
Print Post

Re: "Stop using difficult-to-guess passwords" - GCHQ


[re: camieabz] [link to this post]
 
It isn't about relaxing security it is more about understanding what causes people to weaken security to cope with things thrown at them to "maintain" security and pick the least harm route.

Ken

Nostalgia is memory with the pain removed
  Print Thread

Jump to