Security Basics mailing list archives

RE: Security procedure question

From: "Jordan Jason" <Jordan_Jason () bah com>
Date: Mon, 2 Oct 2006 15:46:53 -0400

I have never used this approach, but would be really hesitant to trust
the users to treat their password like a credit card.  I mean we all
preach to keep the passwords confidential, but somehow they always end
up taped to the monitor or under the mouse pad.  I think the better
solution would be to use easy to remember pass phrases.  Just my .02

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Pranav Lal
Sent: Saturday, September 30, 2006 9:33 AM
To: security-basics () securityfocus com
Subject: RE: Security procedure question

Hi all,

I remember reading somewhere that one practice for having strong
passwords
was to allow the users to write them down but treat the paper on which
they
were written like a credit card. If I remember correctly, the argument
went
that since people don't leave credit cards lying around, they would not
leave their passwords lying around either.

Has anyone tried this approach?

Pranav


------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

RE: Security procedure question Pranav Lal (Oct 02)
- RE: Security procedure question Cort Boecking (Oct 03)
- Re: Security procedure question Mario A. Spinthiras (Oct 03)
  - RE: Security procedure question Nick Duda (Oct 03)
- Re: Security procedure question dubz (Oct 03)
- <Possible follow-ups>
- RE: Security procedure question Jordan Jason (Oct 03)
- RE: Security procedure question Maqhinga Sikhosana (Oct 03)
- RE: Security procedure question missy . augustine (Oct 03)
  - Re: Security procedure question Nic Stevens (Oct 03)
  - Re: Security procedure question Mario A. Spinthiras (Oct 04)
- RE: Security procedure question Craig Wright (Oct 05)