Gartner Blog Network

Tag: 'passwords' Blog Posts

May the Farce Be With You: pretend-complex passwords

by Jay Heiser  |  August 8, 2012

I was recently forced to change my password on a UK pension system, and my first 4 password offerings were unacceptable. I was baffled as to what part of the...

Passwords are dead; long live the password

by Jay Heiser  |  August 1, 2012

I spent a frustrating 5 minutes this weekend enduring a forced password change on a retirement account containing $400. I was sure that the randomly generated and completely unmemorizable string...

You may not write down unmemorizable passwords

by Jay Heiser  |  April 19, 2012

I frequently see end user policies that contain the following two elements: Passwords must be so complex that they cannot be guessed; Passwords may not be written down. This is...

Are your executives 'privileged users'?

by Jay Heiser  |  February 14, 2012

The front page of today's WSJ included the cybercrime news "Chinese Hackers Suspected In Long-Term Nortel Breach." This decade-long attack purportedly included the theft and exploitation of passwords belonging...

The Peril of Parallel Passwords

by Jay Heiser  |  December 23, 2011

I've reviewed three different policies so far this month, all of which contained a similar requirement that users not write down their password. How counterproductive is that? It is...

Time for a rant about passwords

by Jay Heiser  |  May 13, 2011

How much mental anguish is the result of ignorant accounting grads working for Big 4s, struggling to find SOX-relevancy, totally oblivious to the huge amount of HCI research that has been done...
