[Infowarrior] - Amusing Navy password policy
Richard Forno
rforno at infowarrior.org
Fri Apr 3 14:44:17 UTC 2009
From a March 2009 CNO security manual (OPNAVINST 5510.50M dtd 23
March 09) --
Regarding passwords on official Navy systems --
"Use a combination of two uppercase, two lower case, two numbers, and
two symbols in your password (nine characters minimum). Administrator/
developer/root/super user accounts must contain a 15 character minimum."
How quickly folks forget that if you raise the bar for "better
security" too high, you run the risk of forcing everyday regular users
to circumvent those requirements just to accomplish their daily
activities. Thus, your attempt at providing "better" security likely
does just the opposite of what you intended.
.... I wonder how soon before Post-It notes sell out at Navy bases
around the world.
-rf
More information about the Infowarrior
mailing list