0
kallend

Password Prevented

By kallend, in Speakers Corner

Recommended Posts

Coreece    190

Coreece

How is this a great article? It basically wreaks of ignorance.

Ok, fine...I get it. The guy is getting his panties up in a bunch about his fifth grade daughter having a big password, then tries to validate the stupidity by equating it to real life examples such as his experience with a particular video production company he worked with....:S:D

The guy works for CBS...He should understand the importance of security when dealing with video in this country. Either he understands completely and is just trying to make a stink for the butt-fuck entertainment of it, or he's just as ignorant as all the other hot shot know-it-all producers that boast in their butt-fuck ignorance...

Does he understand how the entertainment biz is keeping this country on life support?

I was hired into a major prost production studio in "Hollywood" (which I can't disclose) due to the pre release theft of a major film in 2005 starring Christian Bale (which I also can't disclose) The estimated loss for the client and the feds was over $200+ million (India + China sales alone)

This company had an impecable record, but all it takes is one time. It was an inside job...most everybody was fired. The two guys involved did 3 years in prison.

After I got hired in, I had to go through a visual/magnetic card checkpoint, then a single magnetic card checkpoint, than a thumbprint+magnetic card checkpoint to enter a vault where we would edit the features. Inside that vault I was one of only 3 people the the world that had card access+key to enter the main vault that housed almost every movie/tv show produced my almost every major studio. We also got frequent visits from the FBI.

It's good that kids today are learning good security procedures...our country depends on it...even if it's for MTV!

Your secrets are the true reflection of who you really are...

Share this post

Link to post
Share on other sites

DougH    270

DougH
We use secure ID's at work. They are random number generators, and you use them inconjunction with a 4 digit pin.

Without the 4 digit pin the secure ID is useless.

It doesn't identify anything about the company, so if found on the streat it wouldn't do anything.

All you need to do is remember your four digit pin.
"The restraining order says you're only allowed to touch me in freefall"
=P

Share this post

Link to post
Share on other sites

kallend    1,640

kallend
Quote

We use secure ID's at work. They are random number generators, and you use them inconjunction with a 4 digit pin.

Without the 4 digit pin the secure ID is useless.

It doesn't identify anything about the company, so if found on the streat it wouldn't do anything.

All you need to do is remember your four digit pin.



Point of the article is that

1. Stupid IT geeks are putting absurd levels of security on things that don't need to be secured (like 5th grade homework)

2. When you expect people to memorize more than one or two random passwords which change regularly they are going to write them down, thus destroying any ostensible security the stupid IT geeks think they are creating.

You should read the story of how teutonic stupidity over security actually helped the codebreakers to decipher the Enigma codes in WWII.
...

The only sure way to survive a canopy collision is not to have one.

Share this post

Link to post
Share on other sites

DougH    270

DougH
I know and I agree. I was only pointing out that there are ways to have high security that doesn't result in undesired human actions, like passwords on posty notes.
"The restraining order says you're only allowed to touch me in freefall"
=P

Share this post

Link to post
Share on other sites

regulator    0

regulator
As an IT professional I have a high exposure to users using simple passwords (like Password1) and they are much more vulnerable to being hijacked by brute force attacks since their password is so weak. I personally use a highly complex password and I find it even helps during exposure to spyware and other malicious forms of code. However trying to enforce complex passwords on young kids and expecting them to learn it is another beast entirely.

Share this post

Link to post
Share on other sites

kallend    1,640

kallend
Quote

Quote

"Single sign on".
Been promised to the IT industry for more than 25 years now.
[:/]

Why don't we just use biometrics and be done with it?
:S



Because there's still problems with it...


Of course, there are no problems with people writing their passwords on post-it notes and sticking them on their monitors.
...

The only sure way to survive a canopy collision is not to have one.

Share this post

Link to post
Share on other sites

sfzombie    3

sfzombie
what is acceptable is writing down your password in a small wire-bound notebook and keeping it locked in a drawer or in your pocket. or on t a piece of paper in your wallet or pocket. the thing i can't understand is when people tape them somewhere. or make ones they can't remember, it's too easy to use your imagination. like: p@$$W0rD or the like. i use 6 different ones for work and after using the paper for a week, had them all down. one day i had a brain fart and had to actually pull the paper out of my wallet.
http://kitswv.com

Share this post

Link to post
Share on other sites

kelpdiver    2

kelpdiver
Quote

what is acceptable is writing down your password in a small wire-bound notebook and keeping it locked in a drawer or in your pocket. or on t a piece of paper in your wallet or pocket. the thing i can't understand is when people tape them somewhere. or make ones they can't remember, it's too easy to use your imagination. like: p@$$W0rD or the like. i use 6 different ones for work and after using the paper for a week, had them all down. one day i had a brain fart and had to actually pull the paper out of my wallet.



that's not really acceptable, no. When your wallet is stolen, they'll appreciate the passwords being stored right next to the credit cards.

OTOH, if you can remember just one password, you can keep an encrypted file with all of your accounts listed. Though even with this, I still substitute codes for the primary elements of the password.

Share this post

Link to post
Share on other sites

sfzombie    3

sfzombie
that is what i'm referring to...do you really think i'm stupid enough to write down the actual spelling? i've use "military" for "130p@Rd!!!" for the german leopard iii tank of the '90's. that's exactly the same concept as the pin number, which by the way as a budding it security guy, i'm going to use. as i said, i have a lot to learn about this it shit, but up until this quarter, i've held a 4.0 gpa. i got an 89 in math 2.
http://kitswv.com

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
0
Go To Topic Listing