Passwords - Design Errors And Operational Issues: Difference between revisions
No edit summary |
No edit summary |
||
Line 7: | Line 7: | ||
-This often results in using the same passwords for different purposes<br><br> |
-This often results in using the same passwords for different purposes<br><br> |
||
''Example:''<br> |
''Example for a design error:''<br> |
||
[[Passwords - A Bad Mnemonic System|A Bad Mnemonic System for Saving Pins]] |
[[Passwords - A Bad Mnemonic System|A Bad Mnemonic System for Saving Pins]]<br><br> |
||
''Example for operational issues:''<br> |
|||
-Using same passwords and circumstances for test environments and real environments, which can cause severe security problems, if both are accessable. (cmp. to the Prestel incident in Britain)<br> |
|||
-Failing to reset the default passwords supplied with products or services is always a source of security lacks |
|||
---- |
---- |
Revision as of 20:59, 8 November 2004
A frequent source of severe design errors can be fast built systems, developed by unskilled people:
-Identification for example by your “mother’s maiden name”, which is easy for the thief to find out from birth or marriage records
-The sheer number of applications for which the average person is asked to use a password exceeds the powers of human memory
-This often results in using the same passwords for different purposes
Example for a design error:
A Bad Mnemonic System for Saving Pins
Example for operational issues:
-Using same passwords and circumstances for test environments and real environments, which can cause severe security problems, if both are accessable. (cmp. to the Prestel incident in Britain)
-Failing to reset the default passwords supplied with products or services is always a source of security lacks
Back (Remembering the Password) | Table of Contents | Next (System Issues)