Balancing Life & Work ---> 18.75 Years at Sun & Counting
Kimberley Brown's Blog
Archives
« May 2008
SunMonTueWedThuFriSat
    
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
       
Today
Click me to subscribe
Search

Links
 


 

Today's Page Hits: 224


My blog is worth $5,080.86.
How much is your blog worth?

« Sugaring Seaon is... | Main | Spring Operating... »
Monday Mar 17, 2008
Change Your Password

It's truly a pain in the tush, but on a regular basis, per corporate policy, Sun employees must change their UNIX login passwords.   And when one delves deeper to learn the reasoning behind this, sure, it makes sense.

However, with each change, there is the headache of trying to create a new password which had not been used before, meets the stringent requirements of being difficult to crack, and is still useable and rememberable....

... one which ultimately will NOT end up being taped to the underside of the keyboard, written into a note book, or tucked into a wallet.

For this user, the pleasure of changing passwords ranks right up there with paying taxes and going to the dentist.   Oh joy.

Now that I've changed my password yet again, I just hope I will remember it tomorrow!     :-)

Posted at 04:07PM Mar 17, 2008 by Kimberley Brown in On The Job  |  Comments[3]

Comments:

add to this the thrill of your new password not activating with every sun application for a couple of days so that you then spend your time trying both passwords as a crapshoot to see which will work! i have taken to changing my password on fridays so that when i come in on monday, it's been migrated across every possible use.

Posted by 192.18.43.225 on March 17, 2008 at 04:33 PM EDT #

Actually recording it somewhere is not the evil that may think that it is. The real problem with people writing passwords down is that it's not done in a safe way (eg post-it under the keyboard, in a desk, whatever). There are safe ways to record a password.

I've written a small bit of C that generates blocks of type-able passwords that pass the tests that Sun requires. I can generally find that I can remember. For about two weeks, a copy of this password lives in a note on my phone (which is always with me). After that I find that because of how I generate these passwords, my fingers simply remember it. In fact, I'd probably be pushed to recite my current password, but put me in front of a keyboard and it's rattled off very quickly.

Alan.

Posted by Alan Hargreaves on March 17, 2008 at 06:51 PM EDT #

Most security experts believe that forcing people to change passwords or using "strong passwords" probably weaken overall system security.

The real solution is to switch to something strong. Sun can easily give everyone a device that generates a one-time use password. Then deploy Kerboros for single-sign-on.

These technologies are at Sun's disposal. Then it chose to do this stupid password changing thing.

Posted by 210.82.65.25 on March 18, 2008 at 06:17 AM EDT #

Post a Comment:
Comments are closed for this entry.