Dear Linkedin,
Hal Murray
hmurray at megapathdsl.net
Fri Jun 8 22:33:29 UTC 2012
>> I have accounts at probably 100's of sites. Am I to understand
>> that I am supposed to remember each one of them and dutifully
>> update them every month or two?
> Yes; of course if most of those accounts are moribund and unused then you
> don't need to change them so often, but the passwords you use frequently
> should be changed at regular intervals.
> It's pretty commonsensical once the threat is understood.
Does anybody have a good URL explaining that idea? It's been kicking around
for many years. I've never seen a convincing writeup.
Does your bank request/require that you change the PIN on your ATM card every
few months?
Security is a tradeoff. I think there are two cases for passwords. I'll
call them important and junk. I'm willing to store the junk ones in a file
or piece of paper that I'm careful with. I have to memorize the important
ones.
I'm only smart enough to memorize a few good passwords. If I change them
every few months, they will be less good, or fewer of them.
--
These are my opinions. I hate spam.
More information about the NANOG
mailing list