I found this article interesting for discussion.
The article discusses how changing your password regularly is not as security effective as we are lead to believe.
http://www.boston.com/bostonglobe/id...your_password/
Printable View
I found this article interesting for discussion.
The article discusses how changing your password regularly is not as security effective as we are lead to believe.
http://www.boston.com/bostonglobe/id...your_password/
Yeah, but it will keep him from continuing to steal my peanut butter and jelly once I change the locks. If I know someone's email password, I am not going to make a lot of noise on the account, I am there for information. I don't want to lock the account, or alert them to my presence. I can maintain access until they change their password. If they never change it, I can continue to read their mail.Quote:
Particularly dubious are the standard rules for creating and protecting website passwords, Herley found. For example, users are admonished to change passwords regularly, but redoing them is not an effective preventive step against online infiltration unless the cyber attacker (or evil colleague) who steals your sign-in sequence waits to employ it until after you’ve switched to a new one, Herley wrote. That’s about as likely as a crook lifting a house key and then waiting until the lock is changed before sticking it in the door.