On Thursday 29 November 2007 11:17:24 am SJS wrote:
> begin quoting Chris Mauricio as of Thu, Nov 29, 2007 at 11:07:33AM -0800:
> > Fingerprint scanner? Other than against the Mythbusters, wouldn't that
> > be secure enough? They're damn cheap now.
>
> Hahahahahaha
>
> You're funny.
>
> Fingerprint scanners -- secure?
>
> --
> MAYBE if you had a photo-id-checking guard protecting 'em.
> Stewart Stremler

(resending - didn't see it hit the list)

Effective security. If the password rotation / aging scheme just makes them write it down, why not? It has to be marginally more secure.

My take is any security strong enough to keep the most ardent of social-engineers / crackers off your system will be undone by the user's inability or lack of desire to remember it, encouraging them to write it down and stick it to the bottom of the keyboard.

I find passwords stuck on the monitor, under the keyboard, in the rolodex under "P", inside the pencil drawer on a blue sticky, taped to the inside wall of the file drawer, on the bottom of the mouse pad... I've even found them taped to the back of the picture of their kids. I find them jotted down on the big calendar on the desktop next to the doodles of spirals and squares and flowers. Most use initials followed by 123 or the old standby abc123. I've found the OTP key fobs in the Father's Day coffee cup or attached to their keyring, sitting right there on the desk with the keys to the filing cabinet where they keep the petty cash...

EFFECTIVE security is a balance between ease of use for the user and difficulty of compromise by a cracker. Get too far towards either end of the spectrum and your security will be undermined by the other.

C.

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
