On 4/18/2012 12:29 PM, Chris O'Connell wrote:
I guess what I'm looking for is a non-technical solution or idea of how to
keep users from having to write the passwords on postits.
Password policies are stupid.
What needs to happen is that these folks need to be made to understand
the nature of the threats involved and why protecting information is
important. Once they understand that it is a short step for them to
ask, "what can I do about it?" That's when things start to stick
because it isn't a policy being put in the way of their work but their
own actions protecting their work. Having a vested interest in good
security practices means they'll be more likely to remember their
passwords instead of needing to write them down. Just as importantly,
when they are part of the security process like this they are less
likely to be exploited socially.
--
Rich P.
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
