"Martin Blackstone" <[EMAIL PROTECTED]> wrote on 12/25/2007 05:56:13 PM:
> With all you can use Post-It notes for the duration of said password. Ah, but if users were actually encouraged to write down their passwords *securely*, many would have no problem doing so. People have been securing paper forever - it's not a new concept to train them in or a new habit to get them to form. For some reason, computer security "experts" often treat a password written down as this pariah - when it's a much better solution then a weak password. This is where security folks (esp. auditors who audit by checklist) shoot organizations in the foot. Jesper Johansson, Steve Riley, Bruce Schneier - some of my favorite security folks because they directly challenge "best practices" such as not writing passwords down - and point out why it's bad vs. good. http://www.theregister.co.uk/2005/07/19/password_schneier/ Eric Eskam =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= The contents of this message are mine personally and do not reflect any position of the U.S. Government "The human mind treats a new idea the same way the body treats a strange protein; it rejects it." - P. B. Medawar ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
