password security – Noise https://noise.getoto.net The collective thoughts of the interwebz Sat, 15 Oct 2011 00:00:03 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.2 Part 2: On Passwords, Password Policies, and Teaching https://noise.getoto.net/2011/10/15/part-2-on-passwords-password-policies-and-teaching/ Sat, 15 Oct 2011 00:00:00 +0000 http://noise.getoto.net/?guid=f7c815c829d4f69b47eacfe75087cd75
I provided the initial question, and my response about what drives institutional policy - essentially what I summarized here. The assignment was:

Explain how you would answer this question for a user, and for IT management, and how your policy might differ for each of these environments:
  • A large multinational corporation
  • A commercial website like Amazon, or a cloud service like Dropbox or Picasa
  • A small company or non-profit
This sort of thought exercise is one that I feel is crucial for those who are learning information security, and is similar to questions I ask my employees when we discuss why our policies are what they are.
]]>