SoylentNews is people

posted by Fnord666 on Tuesday July 17 2018, @06:24PM
from the correct-horse-battery-staple dept.

More than a decade after first examining the issue, research by the University of Plymouth has shown most of the top 10 English-speaking websites offer little or no advice or guidance on creating passwords that are less likely to be hacked.

Some still allow people to use the word 'password', while others will allow single-character passwords and basic words including a person's surname or a repeat of their user identity.

Professor of Information Security Steve Furnell conducted the research, having carried out similar assessments in 2007, 2011 and 2014.

Have password restrictions ever helped?


This discussion has been archived. No new comments can be posted.
  • (Score: 2) by Snotnose on Tuesday July 17 2018, @11:42PM (5 children)

    by Snotnose (1623) on Tuesday July 17 2018, @11:42PM (#708577)

    You can't fix stupid. In the 90's/00's I spent a lot of time as a sysadmin. Telling my users I was running password crackers 24/7, I caught the same people every fricken week. The response was always "fuck off, don't you have work to do?".

    --
    Why shouldn't we judge a book by its cover? It's got the author, title, and a summary of what the book's about.
  • (Score: 0) by Anonymous Coward on Tuesday July 17 2018, @11:57PM (1 child)

    by Anonymous Coward on Tuesday July 17 2018, @11:57PM (#708581)

    Fuck off. Don't you have work to do?!

    • (Score: 2) by DannyB on Wednesday July 18 2018, @03:31PM

      by DannyB (5839) Subscriber Badge on Wednesday July 18 2018, @03:31PM (#708823) Journal

      Hey, try entering "penis" for your password. I'm sure the computer will respond: "sorry, not long enough".

      --
      People today are educated enough to repeat what they are taught but not to question what they are taught.
  • (Score: 1, Touché) by Anonymous Coward on Tuesday July 17 2018, @11:59PM (2 children)

    by Anonymous Coward on Tuesday July 17 2018, @11:59PM (#708583)

    The response was always "fuck off, don't you have work to do?".

    If you didn't have management buy-in, then didn't you have work to do?

    • (Score: 2) by DannyB on Wednesday July 18 2018, @03:29PM (1 child)

      by DannyB (5839) Subscriber Badge on Wednesday July 18 2018, @03:29PM (#708821) Journal

      Management should buy in. If Snotnose can crack people's passwords, then so can someone else.

      If management doesn't buy in, this is indicative of an attitude which makes it more likely that:
      1. security is weak elsewhere
      2. a hacker will penetrate your systems
      3. they will steal your password file
      4. the password file will be easy to crack, as Snotnose has demonstrated
      5. Other system penetrations, data theft, malware installation, and other nefarious things will occur

      If management doesn't buy in, then they need to be replaced. There is probably somewhere to report such poor security. (other than an anonymous online post)

      --
      People today are educated enough to repeat what they are taught but not to question what they are taught.
      • (Score: 0) by Anonymous Coward on Wednesday July 18 2018, @11:05PM

        by Anonymous Coward on Wednesday July 18 2018, @11:05PM (#709073)

        Look at Dilbert's PHB and then, knowing what management should be doing, tell me by what likelihood they are actually going to do it.