This is the hard part. Not every IT person gets to dictate policy to their organization.
I know, but it is their (the I.T. person's) responsiblity to make it clear in no uncertain terms what the risks are with running an insecure system - and that the minor inconveniences are nothing when compared to the possibility of a system becoming compromised.
You might be called in to explain why you didn't implement the bad idea "correctly" when the shit inevitably hits the fan!
Assuming you are referring to the use of strong passwords as a 'bad idea'... (?)
I'm much more worried about being called on the carpert for a system becoming compromised and explaining why all of our systems email was deleted, and/or confidential employee data was stolen, etc etc.
In all but the worst circumstances, it is not that difficult to get approval from management to enforce a strong security model, including [inconvenient] strong passwords.
-- Best regards, Charles _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
