User comments on ISPs
  >> PlusNet plc


Register (or login) on our website and you will not see this ad.


These posts have been archived and can no longer be replied to or modified.
Pages in this thread: 1 | 2 | 3 | 4 | [5] | 6 | 7 | (show all)   Print Thread
Standard User deleted
(deleted) Tue 22-May-07 12:56:54
Print Post

Re: Strong Passwords!


[re: deleted] [link to this post]
 
In reply to:

It refers to all security issues.



So why am I getting the impression that a lot of PN's recent advice is more about how the Customer's Passwords are easly cracked, rather than how their own internal systems got cracked!!
Standard User deleted
(deleted) Tue 22-May-07 13:00:15
Print Post

Re: Strong Passwords!


[re: seb] [link to this post]
 
In reply to:

So many people ignore the effects of social impact of IT... you made life difficult and users simplify it.. you force long passwords they can't remember? they write them down or use the same one more often... you make them change it often? they'll write it down or use a predictable pattern



Can I also add that virtually every organisation/company/web-site expects you to have a Password (&/or PIN), so that it really does become impossible to remember them all!!
Standard User deleted
(deleted) Tue 22-May-07 13:03:29
Print Post

Re: Strong Passwords!


[re: therioman] [link to this post]
 
In reply to:

it is amazing how customers have been asking for a long time, and now all of a sudden because of the webmail breach there is a real flurry of activity to do these things



The same could be said about the Web-Mail interface itself!!

When it was introduced, even PN was unhappy with it & gave assurances that it would be rapidly replaced! Unfortunately, that "rapidly" was not rapid enough!!


Register (or login) on our website and you will not see this ad.

Standard User h0tblack
(knowledge is power) Tue 22-May-07 13:07:00
Print Post

Re: Strong Passwords!


[re: deleted] [link to this post]
 
True, advice has been about how customers can improve security when the real source of the problem was PlusNet's lack of security. It can look like passing the buck or a case of double standards. I think it's more a case of there having been a MAJOR wake-up call and suddenly all these people in PlusNet are taking security seriously (which despite protestations to the contrary, I don't believe they did before, certainly not as seriously as they should have). This has the knock-on effect that they start advising others.

To be honest it's only a good thing if customers are encouraged to take security seriously. As long as PlusNet don't pass the buck and are properly held accountable for their shortcomings. Hopefully they'll be honest about things when they finally get the report into the incidents out.
Standard User deleted
(deleted) Tue 22-May-07 13:13:39
Print Post

Re: Strong Passwords!


[re: h0tblack] [link to this post]
 
or that it isn't.
Standard User camieabz
(legend) Tue 22-May-07 13:21:08
Print Post

Re: Strong Passwords!


[re: seb] [link to this post]
 
When applying those rules to employees, a company has the authority and the employees will 'suffer it'. I know of half a dozen folk near me who have recently aquired broadband (amazing when you think about it).

One is in his 70s.
Three are over 50.
One is a trademan in his 40s.
The other is in his 20s.

Only the latter appreciates decent security, and that's just because he's been exposed to college IT systems and the usual risks therein. I agree completely with the sentiment that users should have a password policy approach, but it's not realistic for many, and if I cast myself back to when I first used the web, if an ISp stated that a password should be 12 characters, must be varied case etc, I'd be wondering why, considering I didn't use banking or online shopping or the like.

Perhaps those who do should get a heads-up once in a while. Like I said occasional reminders, and over time the minimum criteria can be turned up.

Standard User deleted
(deleted) Tue 22-May-07 13:55:19
Print Post

Re: Strong Passwords!


[re: h0tblack] [link to this post]
 
this time round! im still not 100% convinced that workplace is 100% totally seperate. im still not 100% convinced that plusnet may or may not have other security issues. I would also imagine there is external access to workplace..

Edited by deleted (Tue 22-May-07 13:58:09)

Standard User blewit
(committed) Tue 22-May-07 14:51:32
Print Post

Re: Strong Passwords!


[re: deleted] [link to this post]
 
In reply to:

im still not 100% convinced that workplace is 100% totally seperate.




It's separate webserver(s), with separate database(s) from webmail. Yes - there's probably a route from one to the other via various switches/routers/firewalls etc. but that's the nature of the Internet

In reply to:

I would also imagine there is external access to workplace.




IP-Restricted to known static IPs and SSL traffic only last time I heard ... may not even be that anymore ...
Standard User h0tblack
(knowledge is power) Tue 22-May-07 15:41:46
Print Post

Re: Strong Passwords!


[re: blewit] [link to this post]
 
Ahh so they do employ SSL for that.
But they don't deem it necessary to allow SSL for e-mail transactions and instead are happy to have customers usernames and passwords passed in the clear whenever they send or receive e-mail. That's a big thing I've been bleating on about for years now. No sign of it actually being changed though.
Standard User deleted
(deleted) Tue 22-May-07 15:44:51
Print Post

Re: Strong Passwords!


[re: blewit] [link to this post]
 
wasnt webmail i was referring to.

In reply to:

IP-Restricted to known static IPs and SSL traffic only last time I heard ... may not even be that anymore ...




doesnt seem like much "security" to me. only takes a compromise of the webserver platform software.
Pages in this thread: 1 | 2 | 3 | 4 | [5] | 6 | 7 | (show all)   Print Thread

Jump to