Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
How to Spot a Spy
Welcome to this week in Federal Times:
It’s not a parody. That’s what I thought, too, but nope: You paid for the production of that video.
For realz.
Published in General
The sad part is, it’s the obvious stuff that people do a lot more often than not. That NASA weather drone that was “hacked” a few days ago was gotten into because they used the default password. I agree with you though, for the love of all that’s good at least try to make the reminder videos either funny or interesting and not mind numbingly stupid.
This is as much IT’s fault as it is the users’, and both should be hammered hard.
It’s easy enough to require a new password on first default password login, and it’s easy enough to require the password to be changed at intervals while locking out the last number of passwords a user has used.
Eric Hines
But that has caused people to write down their passwords or just add a number to the end. Eventually, the best solution is two-factor authentication (something you know and something you have). If it is important enough for banks to require it for corporate accounts, it should be important enough for certain levels of government.
It’s not that hard to require a full change to the password, not just add or subtract a character or two.
Still, you’re right that two-factor authentication would be a further improvement. Like most things, though, this is an arms race, and businesses–and government–are going to have to be draconian toward employees who evade the purpose of authentication for their personal convenience.
That’ll take some considerable cultural change, though.
Eric Hines
This is true, the problem is not one that’s user only. Human flaws (or at least limitations) create all kinds of havoc even among the people who should know better.