--- Original Message ---
: From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
: Sent: Tuesday, 12 September 2006 12:47 AM
: To: [email protected]
: Subject: Re: [ActiveDir] OT: admin account in Vista
: 
: Yes Ken, I believe it is a departure to write down the admin password for
: every single workstation out there.

Certainly that is a departure.


: For many years the best practices have been to create passwords that were
: difficult but able to be remembered so they would not have to be written
: down. Writing it down, the thinking goes, increases the risk that it would
: be seen by somebody else.

Sure. But forcing people to memorize numerous passwords also has its own
risks. So we have tradeoffs here.

I think all that Jesper (et al) are saying is that blanket prohibitions on
writing down passwords tend to ignore the real reason why those prohibitions
came about in the first place. The password is the shared secret that enables
you to authenticate yourself. The shared secret must not be compromised, and
generally if you write down the password it can be compromised, because the
written down password tends to be easily accessible (e.g. taped to the user's
monitor). 

However *if* you are able to secure the written down password (e.g. by using
your own password manager application, or a physical safe, or your wallet, or
whatever), then the increased risk of compromise may be acceptable because it
allows you to maintain a more diverse, complex set of passwords for systems
you need to connect to. If you cannot secure the secret, then do not write
it down.

I don't think there's anything really radical in that argument. It's just
that the caveat (security around the secret) has been lost, and the
exhortation not to write down the password has remained.


: I strongly disagree with the assertion and reversal of thinking.

Fair enough. But the original blog post cited did say (emphasis added):

        we recommend the following tips for *home* users

As I mentioned before, for your home PC, if you write down the admin password
and store it under your keyboard, are you really risking much (assuming you
live alone or can trust your housemates)? Anyone who has access to that piece
of paper has probably already broken into your house. You probably have other
worries which are much more pressing than having your computer's admin
password compromised :-)

At the risk of repeating what we already know - security is about risk
management. We need to know what risks we're facing. Home users have more
physical security they can rely on than the average corporate cubicle.
Relying on that physical security may be an acceptable risk.

Cheers
Ken
[EMAIL PROTECTED]