 | | Security? —Dave Schuler
|
| | | Last week at my job I had the misfortune of attending a mandatory seminar on Information Security, which amounted to little more than "don't leave sensitive documents on the bus." Through the course of it, though, the lecturer discussed the various (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | |
| | | | | Re: Security? —Dan Boger
|
| | | | | (...) First of all, a lot of systems don't lock out accounts, just because they are misconfigured, or their admin doesn't realise the danger. Also, remember that most password hacking will occure offline - the intruder will somehow (and there are (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | | |
| | | | | | | Re: Security? —Dave Schuler
|
| | | | | | (...) Sure, but what's the point of disabling my system after my own bogus attempts? To date, the only one who's been kept out of my system for that reason is me! I mean, why set "3" as the magic number, if external, high-voulme attacks are the big (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | | | |
| | | | | | | | Re: Security? —Dan Boger
|
| | | | | | (...) because disabling the login (at least for a while) does help defend against brute force attacks. and the number 3 isn't magical in any way - I think a lot of systems have it set for 5, and from what I know, it's always configurable. the admin (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | | | |
| | | | | | | | Re: Security? —Dave Schuler
|
| | | | | | (...) 8^) I'd figured that "3" had no inherent signficance but was just a standard. (...) Yeah--now how do I get into my system? Dave! (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | | | |
| | | | | | | | Re: Security? —Dan Boger
|
| | | | | | (...) uhh.... have a valid login and remember it's password? ;) or, get your admin to set the lockout to 30 minutes or so, so at least you don't have to bother him every time your forget :P Dan (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | | | |
| | | | | Re: Security? —John D. Forinash
|
| | | | (...) I suspect that lockouts after password retries aren't to secure the system, they're to secure the user. Draconian measures tend to reinforce the idea that passwords are _important_, and you should _remember_ them. [0] Oh, and we (system (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | |
| | | | | | Re: Security? —Christopher Masi
|
| | | | (...) This statement is coming from an individual who forgets passwords that must be changed every 30 days.[1] Aren't most passwords acquired through human engineering anyway? Chris 1. Now, I ask someone else to do the stuff on the system that (...) (24 years ago, 13-Mar-01, to lugnet.off-topic.geek)
|
| | | | |
