Technorati Profile
Write your Password Down
Slashdot has two discussions on why you should/ shouldn't write down your passwords.
I haven't finished browsing through the threads, but the argument seems to go like this:
a) People tend to forget strong passwords (something like xb7t8Rc)
b) People are encouraged not to write down their passwords
c) People set weak passwords (something like qwerty)
I think there is an assumption that b -> c is true and hence the contrapositive ¬c -> ¬b is also believed true: If people set strong passwords, they have been encouraged to write down their passwords.
How this translates into ¬b -> ¬c (if people are encouraged to write down their passwords, they will not set weak passwords) I don't know. Similarly, "If I am a man, I am happy" and "If I am not a man, I am sad" are not exactly logical equivalents.
Which security expert out there is aghast at this? I can imagine millions of infosec people and security auditors dreading that users will listen to such advice, perform selective reasoning, and come up with a combination of the worst factors possible, ie, write down their passwords AND set weak passwords. Imagine pieces of paper that say "qwerty" floating everywhere. The horror.
Hackers will be out of jobs.
Filed under: Article, Technology
I haven't finished browsing through the threads, but the argument seems to go like this:
a) People tend to forget strong passwords (something like xb7t8Rc)
b) People are encouraged not to write down their passwords
c) People set weak passwords (something like qwerty)
I think there is an assumption that b -> c is true and hence the contrapositive ¬c -> ¬b is also believed true: If people set strong passwords, they have been encouraged to write down their passwords.
How this translates into ¬b -> ¬c (if people are encouraged to write down their passwords, they will not set weak passwords) I don't know. Similarly, "If I am a man, I am happy" and "If I am not a man, I am sad" are not exactly logical equivalents.
Which security expert out there is aghast at this? I can imagine millions of infosec people and security auditors dreading that users will listen to such advice, perform selective reasoning, and come up with a combination of the worst factors possible, ie, write down their passwords AND set weak passwords. Imagine pieces of paper that say "qwerty" floating everywhere. The horror.
Hackers will be out of jobs.
Filed under: Article, Technology
0 Comments
Post a Comment
<< Home