Quote:
Originally posted by Mr Mephisto
I recently ran a project for a very large company implementing a "strong complex password policy". We had to manage the update of over 50,000 accounts over a period of five days. Introducing such a policy (long passwords, with a mixture of lower case, upper case, numerical and extended characters and no dictionary words) greatly increases the security. I can't really go into too much more detail, but suffice it to say that mitigating security vulnerabilities forms a fundamental part of my job.
|
So instead of simple passwords, they'll all have them written on a sticky note under their keyboards, or in a desk drawer, or taped to the wall.
I sysadmin for a living. If it's too hard, people will write it down.