Daniel Carrera wrote:
Alan Frayer wrote:
Daniel, you make a grevious error yourself by assuming security violations only occur online.
1) I did not say that.
Fair enough.
2) The advice is given by a recognized security expert, not just me.I missed the quote, so I couldn't validate the source. I used to teach computer network administration, so I'm familiar with the subject.
Okay, I missed that, too, although all too often the advice becomes truncated to "write it down" and people stop using common sense after that. Don't forget, all too often habits acquired at home carry to work... and vice versa!The fact is that most security violations do occur when an "insider" has obtained physical access to the system involved.
And I did make a special mention for companies. I said that if you are in a company, the password should be some place safe and that a sticky note, or a drawer wasn't it.
Disgruntled employees are not likely to break into your home to steal your password.No, but disgruntled spouses and children ARE. How easy it is to transfer money from one account to another when you have the person's account number and password. How easy it is to disable the parental controls, when the password for the parental controls is kept in a little book near the computer.
How easy it is to lose your wallet... with all of your passwords on cards inside!
There is a reasonable balance here, and that's to create good passwords that blend memorable things. a1u0t1o9m1o9b5i9le ought to be a pretty good password, combining a common word and a date.If the written down password is secure, then it's okay to write down. If you cannot keep others from viewing your written password, you shouldn't write it down... period!
But keeping a paper version of the password fairly safe is quite easy. Hide it at home. Don't confuse "write it down" with "put it on a sticky note on your monitor".
I told my students to seal passwords in envelopes, then replace them every three months or every time you have to open the envelope.People:
* WRITE DOWN YOUR PASSWORDS.
* Put the password some place safe enough for your situation.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
