Security Industry giving wrong advice on passwords for 20 years

Here's something from Australia I found interesting. A security guru at Microsoft says that the security industry is wrong to advise customers to prohibit users from writing down passwords, as that merely means users will use the same weak password everywhere. The advice should rather be to use different, but strong, passwords.

Now forgive my ignorance, but shouldn't we rather be addressing the use of passwords itself as an issue that needs a rethink? To my mind the use of passwords, strong or weak, relies too much on the human element, and we should rather be looking to IAM or single sign-on (SSO) solutions as a managed approach to identities?
