Security, or is it no-security

Avatar

Please consider registering
Guest

Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?
sp_Feed sp_topic_old
Security, or is it no-security
Avatar
Thinowns
Member
Forum Posts: 11
Member Since:
March 9, 2013
sp_UserOfflineSmall Offline
1
March 14, 2013 - 2:40 pm
sp_Permalink sp_Print

've noted that many web-based services are claiming to increase their security. 

Generally speaking for the user this appears as a longer password with some form of complexity (numbers, uppercase, specials).

I just want to raise 3 points here :

- use of uppercase/lowercase is a killer for aged people that typically type in whatever case is active. So asking them to SHIFT-key is quite blind-sided.

- the idea that more complex is better is a red-herring. Go to any office space and look for post-its, anything long and crazy-looking ... is a password. So we are moving responsibility from web service to individual, but we are not giving the individual the means to keep it secure.

- security 101. think of those web sites that insist on registration. Here I typically register with a password like qwerty12345 and rely on the forgotten password button. You'd be surprised how many sites (some actually claiming to provide secure cloud disk storage) will send me my password in clear by email (rather than the better password-reset link).

All this to say that this is not security. 

I can understand security but it should bridge what technology can do with what users are willing to bear (and understand). But systematically pushing the onus on users is equivalent to leaving an open door.

Avatar
Claw
Member
Forum Posts: 74
Member Since:
July 11, 2012
sp_UserOfflineSmall Offline
2
March 23, 2013 - 10:32 pm
sp_Permalink sp_Print

Hey Thinowns, I've used that "forgot password" button often. Why don't you try passwords of your favorite things, like, for example,, Fishing-1 or Cycling-2. You know know, just something simple to you but unknown to strangers on the net. Just a suggestion buddy. Take care.

Avatar
Alan Wade
Sweden
Member
Forum Posts: 43
Member Since:
January 18, 2013
sp_UserOfflineSmall Offline
3
March 24, 2013 - 5:16 am
sp_Permalink sp_Print

Install LastPass that way you only need to remember the password to your vault. It also generates passwords so you dont even have to do that and you can set it to auto-fill/login to any site you wish.

Forum Timezone: America/Indiana/Indianapolis

Most Users Ever Online: 188

Currently Online:
23 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Member Stats:

Guest Posters: 10

Members: 1273

Moderators: 3

Admins: 4

Forum Stats:

Groups: 8

Forums: 19

Topics: 1538

Posts: 11824

Administrators: Jim Hillier, Richard Pedersen, David Hartsock, Marc Thomas

Moderators: Judy Novotny, Jason Shuffield, Mail Poet