On Mon, 26 May 2014 11:10:38 -0400, Phil Smith III wrote: > >The other was for a somewhat smaller company, and had a display AND a button. >When you pressed the button, the display would change. My daughter was looking >at it and poked the button several times, and then I couldn't get in. I called >their helpdesk and got it reset; a friend later explained that the button >causes a new value, and the server end knows the *next few* values. So if you >only press it once, then it works. Press it a couple of times, and it works, >and the server says "OK, we skipped a value or two" and goes on from there. >Press it a BUNCH of times, and the server won't look that far ahead. >Seemed...cheesy to me (not that it wouldn't keep trying--doing so would be a >security risk; cheesy as a way of doing "next value"). > I had something like that. It was called a "Safeword" (my, how meanings change!), from www.securecomputing.com (that URL today redirects to McAfee). I needed to press a button and enter a non-expiring employee-specific PIN. After several false attempts, the account locked, but unlocked automatically after a while. How long? I didn't experiment; the behavior meant I was fatigued -- it would be OK the next morning.
The password rules, as I accumulate them: o Use a different password for each account. o Change passwords regularly (usually enforced). o Use complicated passwords (often enforced). o Don't record passwords. Yeah; right. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
