Jay Heiser

A member of the Gartner Blog Network

Entries Tagged as 'password slurping'


May the Farce Be With You: pretend-complex passwords

by Jay Heiser  |  August 8, 2012  |  Comments Off

I was recently forced to change my password on a UK pension system, and my first 4 password offerings were unacceptable. I was baffled as to what part of the password didn’t meet the requirements.  Today, I needed to login and review a pay stub, had to reset my password, and the exact same thing […]

Comments Off

Category: Cloud security     Tags: , , , ,

Passwords are dead; long live the password

by Jay Heiser  |  August 1, 2012  |  1 Comment

I spent a frustrating 5 minutes this weekend enduring a forced password change on a retirement account containing $400. I was sure that the randomly generated and completely unmemorizable string my password utility came up with exceeded 7 characters, contained upper and lower case letters, at least 1 number, and a special character. It finally […]

1 Comment »

Category: security     Tags: , , , , , ,

You may not write down unmemorizable passwords

by Jay Heiser  |  April 19, 2012  |  1 Comment

I frequently see end user policies that contain the following two elements: Passwords must be so complex that they cannot be guessed Passwords may not be written down This is almost a model case of perfectly secure and perfectly unusable. I say almost, because the unfortunate fact of the matter is that strong passwords only […]

1 Comment »

Category: Policy security     Tags: , , , ,