Re: special characters in passwords

Wed, 10 Jan 2007 10:49:17 -0800

On 10 Jan 2007 03:36:33 -0800, in bit.listserv.ibm-main (Message-ID:<[EMAIL PROTECTED]>) [EMAIL PROTECTED] (R.S.) wrote:
BTW: Bruce Schneier's opinion on writing passwords cannot be treated as recommendation for internal company systems. He rather meant many sites on the web, etc. Many systems, unrelated on to each other, many rules, sometimes very hard to user. Application like password safe are good for this case. However it shouldn't be understood like recommendation for company systems. Better one is single sign on product. 


     Single sign-on is definitely the way to go, if 
possible.  However, it was not available at my old 
shop.  Nor is it possible for *all* of the passwords you 
need in your job.  At my old job, I had:


10 MVS systems w/ separate RACF databases

2 RACF RVARY passwords per system

1 VM system with unencrypted password file


1 Customer system which, I believe, had unencrypted 
passwords


2 IBMLINK userids

3 Omegamon passwords

3 TMS passwords

1 PC power-on password

1 SecurID password

1 E-mail system password

1 Problem/Change mgt password

1 long-distance phone password

1 voicemail password

1 internal website password

5 (or more) vendor website passwords


     You might be able to SSO some of these, but not all 
of them.  I also didn't list some minor ones (like the code 
to the push-button locks on the doors).  I also didn't list 
all of the passwords and PINs needed in my personal 
life.  Note that in about a quarter of the above, I could 
not be sure that the password was end-to-end encrypted, and 
thus had to be different from all other passwords.



     I believe that when Schneier said to write down 
passwords, he did mean work-related ones, too.  And I 
agree.  The alternative is that you'll have people with the 
same password on a weak system (maybe internal website) as 
a strong system (mainframe RACF).


--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html






















					Reply via email to