"At the risk of repeating what we already know - security is about risk management. We need to know what risks we're facing. Home users have more physical security they can rely on than the average corporate cubicle. Relying on that physical security may be an acceptable risk."

You need to be careful here - risk alone may skew your decision. The related impact also needs to be factored in. A compromised password in the corporate world has a far greater impact than does a compromised password in a user's house. Normally, risk mgt involves a "probability" factor and an "impact" factor. When multiplied together, we have our resultant "risk" factor. It is this latter 'number' which is of most relevance.

My 2 penneth to a very interesting thread :)

neil

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ken Schaefer
Sent: 12 September 2006 02:00
To: [email protected]
Subject: RE: [ActiveDir] OT: admin account in Vista

--- Original Message ---
: From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Al Mulnick
: Sent: Tuesday, 12 September 2006 12:47 AM
: To: [email protected]
: Subject: Re: [ActiveDir] OT: admin account in Vista
:
: Yes Ken, I believe it is a departure to write down the admin password for every single
: workstation out there. Certainly that is a departure.
: For many years the best practices have been to create passwords that were
: difficult but able to be remembered so they would not have to be written down.
: Writing it down, the thinking goes, increases the risk that it would be seen by
: somebody else.

Sure. But forcing people to memorize numerous passwords also has its own risks. So we have tradeoffs here.

I think all that Jesper (et al) are saying is that blanket prohibitions on writing down passwords tend to ignore the real reason why those prohibitions came about in the first place. The password is the shared secret that enables you to authenticate yourself. The shared secret must not be compromised, and generally if you write down the password it can be compromised, because the written down password tends to be easily accessible (e.g. taped to the user's monitor). However *if* you are able to secure the written down password (e.g. by using your own password manager application, or a physical safe, or your wallet, or whatever), then the increased risk of compromise may be acceptable because it allows you to maintain a more diverse, complex set of passwords for systems you need to connect to. If you cannot secure the secret, then do not write it down.

I don't think there's anything really radical in that argument. It's just that the caveat (security around the secret) has been lost, and the exhortation not to write down the password has remained.

: I strongly disagree with the assertion and reversal of thinking.

Fair enough. But the original blog post cited did say (emphasis added):

we recommend the following tips for *home* users

As I mentioned before, for your home PC, if you write down the admin password and store it under your keyboard are you really risking much (assuming you live alone or can trust your housemates)? Anyone who has access to that piece of paper has probably already broken into your house. You probably have other worries which are much more pressing than having your computer's admin password compromised :-)

At the risk of repeating what we already know - security is about risk management. We need to know what risks we're facing. Home users have more physical security they can rely on than the average corporate cubicle. Relying on that physical security may be an acceptable risk.

Cheers
Ken
