[Sigia-l] Password usability
Skot Nelson
skot at penguinstorm.com
Fri Dec 10 18:22:34 EST 2010
I would certainly point out it's baslessness (no evidence) but the real point is the one you've made: nothing requires users to use special characters in your example.
--
Skot Nelson
skot at penguinstorm.com
twitter. penguinstorm
On 2010-12-10, at 15:11, Andrew Boyd <facibus at gmail.com> wrote:
> Skot,
>
> I'm confused. Are you saying that you would not challenge the baseless
> assumption by the IT security person? Is this a "he said, she said"
> argument that is not worth having?
>
> Cheers, Andrew
>
> On Sat, Dec 11, 2010 at 7:28 AM, Skot Nelson <skot at penguinstorm.com> wrote:
>>
>> On Dec-10-2010, at 12:04 , Andrew Boyd wrote:
>>
>>> I'd be
>>> spinning this one around and asking your IT security colleague to
>>> supply some research. So many organisations get into trouble because
>>> of baseless IT security voodoo -
>>
>> While this is true, starting a he said she said argument usually doesn't get you very far.
>>
>> Jayson's original point about the difference between *allowing* characters and *requiring* characters is really quite reasonable.
>> --
>> Skot Nelson
>> skot at penguinstorm.com
>>
>> "In anything at all, perfection is finally attained not when
>> there is no longer anything to add, but when there
>> is no longer anything to take away."
>> -- Antoine de Saint-Exupéry, Wind, Sand and Stars
>>
>>
>>
>>
>>
>>
>>
>
>
>
> --
> ---
> Andrew Boyd
> http://uxbookclub.org -- connect, read, discuss
More information about the Sigia-l
mailing list