For what it is worth has anyone suggested to your small clients they get one of the "free" password safes? I use one for my self and a couple of my individual clients that have a history of losing the piece of paper they write their passwords on. I tell them up front if I hold the password I keep it encrypted and only I have access. So far none of them has made an issue of it. I have had calls asking what a password was. They were supprised it took me a couple of minutes to get the password safe open and give it to them but happy I had it for them. For others when I work on their systems I print out physical configuration and any user ID's and passwords and put it inside the system. I tell them where it is and why. Those are the ones that don't want me to hold their passwords. So far they seem happy as well. I know for corporate use this may not be wise but for personal use I would think it works well. Jon > From: [email protected] > To: [email protected] > Subject: RE: OT : Humor only an Admin can enjoy. > Date: Sat, 25 Aug 2012 05:35:06 +0000 > > I disagree. > > Car manufacturers have been constantly finding ways to make our driving > experience safer, and less stressful. Whilst it still requires some level of > co-ordination, skill and concentration to drive a car, it is far safer and > far easier to drive a car now than at any time in the past. And companies are > working on ways to make it even more so. > > Likewise the IT industry has to find better ways to keep things secure rather > than relying on changing the entire human race's behaviour. Because the > latter is a losing proposition - it always has been and always will be. > Constant whinging by *IT Professionals* has done nothing to change that fact > in the past 40 years. > > Passwords may have worked when users only had to remember 5. These days it's > starting to break down. So, what do to? Microsoft tried CardSpace, and > building password memory systems in Windows and IE. Wasn't entirely > successful. Some companies are trying federated identity systems (e.g. "login > with your Facebook account"). Maybe the government should just issue people > with smart cards (whether or not they are tied to your actual identity - at > least they would be relatively impossible to duplicate, with today's > technology). > > The constant whinging about programmers, users and everyone else, on this > list, is so tiring. No one is discussing solutions. Telling the entire > population of the developed world to "suck it up" is not a solution IMHO. > > FWIW IT admins here seem to have no compunction re. posting the products they > use, the configuration they have, the AV they have installed, their password > complexity rules, their administration techniques, and the companies they > work for and when they are out-of-the-office etc. It's rank hypocrisy. > > Cheers > Ken > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Saturday, 25 August 2012 3:15 PM > To: NT System Admin Issues > Subject: Re: OT : Humor only an Admin can enjoy. > > On Fri, Aug 24, 2012 at 8:57 PM, Ken Schaefer <[email protected]> wrote: > > You work in IT admin - passwords are something you deal with every day. > > And so do all who have more than one online account for most anything. > > > Probably bank tellers have few(er) issues remembering multiple bank > > account numbers, but I think that most people would struggle to > > remember more than 5. Luckily most of us doesn't have 5 bank account > > numbers we need to memorise. > > > > Tax accountants can probably remember > > > >> For these people, I will play the world's smallest violin. > > > > Why did you feel the need to make this type of comment? > > If creating many passwords is a problem that lay people have, then the > > proliferation of requirements to create accounts and corresponding > > passwords is something we should be aware of (and perhaps worried > > about). Not something to dismiss as an unfounded whinge. > > It is an unfounded whinge. The world is a complex and sometimes dangerous > place, and the online world is more so. All of us, users included, need to > suck it up, realize that what we do has consequences, and that practicing > safe computing is like practicing safe driving or safely performing any other > task - it requires concentration, planning and some intelligence. You can't > do it on autopilot. There are tools for to help deal with that complexity - > and as IT professionals we can certainly help folks by pointing out those > tools, in this case things such as PasswordSafe, Keepass, LastPass, or other > tools to manage the task. But the need remains to change passwords, and to > keep them strong enough to foil the malicious, or at least limit the damage. > > Kurt > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
--- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
