So, end user training? Good point! On Wed, Apr 18, 2012 at 1:18 PM, Richard Pieri <[email protected]>wrote:
> On 4/18/2012 12:29 PM, Chris O'Connell wrote: > >> I guess what I'm looking for is a non-technical solution or idea of how to >> keep users from having to write the passwords on postits. >> > > Password policies are stupid. > > What needs to happen is that these folks need to be made to understand the > nature of the threats involved and why protecting information is important. > Once they understand that it is a short step for them to ask, "what can I > do about it?" That's when things start to stick because it isn't a policy > being put in the way of their work but their own actions protecting their > work. Having a vested interest in good security practices means they'll be > more likely to remember their passwords instead of needing to write them > down. Just as importantly, when they are part of the security process like > this they are less likely to be exploited socially. > > -- > Rich P. > > ______________________________**_________________ > Discuss mailing list > [email protected] > http://lists.blu.org/mailman/**listinfo/discuss<http://lists.blu.org/mailman/listinfo/discuss> > -- Chris O'Connell http://outlookoutbox.blogspot.com _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
