[WikiEN-l] Please change your passwords.
Todd Allen
toddmallen at gmail.com
Mon May 7 21:26:57 UTC 2007
On 5/7/07, Steve Summit <scs at eskimo.com> wrote:
> Gregory Maxwell wrote:
> > But what we should be telling people is:
> > "Use the longest pass*phrase* you can easily type...
> > Yes, "gWXi$a09" is strong too, but when you try to tell people to use
> > passwords like that you get "10qpalz," which isn't strong.
>
> Well, I'm not so sure either works. I'm one of the more
> security-conscious people I know, and I don't bother with strong
> passwords (let alone passphrases) when I register at ordinary
> websites -- the risk just isn't there. If you tell me to pick
> a strong password I'll just laugh at you.
>
> And if you violently disagree with me here -- that's my point.
> This may be an irresponsible attitude of mine, maybe I really
> *should* be using strong passwords on every ordinary website I
> register with, but: I bet I'm not alone.
>
> If your security strategy depends on users picking a certain kind
> of password, you'd better enforce it in software, because I doubt
> you'll get enough voluntary compliance otherwise.
>
>
> _______________________________________________
> WikiEN-l mailing list
> WikiEN-l at lists.wikimedia.org
> To unsubscribe from this mailing list, visit:
> http://lists.wikimedia.org/mailman/listinfo/wikien-l
>
One would hope you'd think differently, if you had administrative or
other privileged access to that website? I agree with you in most
cases, my NYTimes password is just abcd1234. I couldn't care less if
anyone else uses the account. But if I were responsible for editing
and maintaining the site, you better bet I'd pick a much better one.
--
Freedom is the right to know that 2+2=4. From this all else follows.
More information about the WikiEN-l
mailing list