qubit
Overclocked quantum bit
- Joined
- Dec 6, 2007
- Messages
- 17,865 (2.99/day)
- Location
- Quantum Well UK
System Name | Quantumville™ |
---|---|
Processor | Intel Core i7-2700K @ 4GHz |
Motherboard | Asus P8Z68-V PRO/GEN3 |
Cooling | Noctua NH-D14 |
Memory | 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz) |
Video Card(s) | MSI RTX 2080 SUPER Gaming X Trio |
Storage | Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB |
Display(s) | ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible) |
Case | Cooler Master HAF 922 |
Audio Device(s) | Creative Sound Blaster X-Fi Fatal1ty PCIe |
Power Supply | Corsair AX1600i |
Mouse | Microsoft Intellimouse Pro - Black Shadow |
Keyboard | Yes |
Software | Windows 10 Pro 64-bit |
You can see why the clueless stick a Post-It note on the monitor, can't you?
It may be Halloween, but for thousands of corporate IT users there’s another reason today inspires fear: it’s time once again for the mandatory end-of-month password change. Few common IT policies drive users to distraction as regularly and reliably as the aggressiveness of enterprise password policies.
But with more potential threats to enterprise security coming from external sources that take advantage of the users’ accounts once they’re already logged in, do byzantine password policies really do anything to protect corporate data? In some cases, the password policy may create a bigger security threat than the risk of a password being guessed.
The password problem
Passwords are still important, but the value of aggressive password policies as security against unauthorized access is questionable, said Andrew Marshall, CIO of Philadelphia-based Campus Apartments in an interview with Ars Technica. “Statistical attacks—repeated attempts at guessing a password using hints or a dictionary—are unlikely to yield results, provided that the enterprise system implements a ‘lockout after X incorrect attempts” policy,” he said. “Enforcing tricky complexity and length rules increases the likelihood that the password will be written down somewhere.”
Ars Technica