Security Corner

Jan 9 2011   4:25PM GMT

Sometimes Clients Do Listen to My Advice

Ken Harthun Ken Harthun Profile: Ken Harthun

It’s always a good thing when people take my security advice; I do, after all, give them good stuff (like that password card over there, for instance). Over the years, I’ve amassed a large store of advice and tips that I continually promote to my clients. Yesterday, I was given a task that showed me at least some of them listen.

During an on-site call on Friday, the office manager approached me and said she had discovered that some of the staff were using extremely insecure passwords, things like their initials and birthdate, and at least two cases of “password.” She asked me what to do. I told her order everyone to immediately create secure passwords with a minimum length of 8 characters and have at least three of the following: upper case letters, lower case letters, numerals and special characters. (Note: this is a law office, so users are not allowed to change passwords on their own. The owners of the firm keep a secure list of everyone’s passwords so they always have access to employees’ hard drives.)

When I checked my email yesterday morning, I found a message with a spreadsheet attached. Yes, it was the list of passwords for me to change on the server; every password conformed to the standard. So, it looks like there will be no more insecure passwords at that firm. I consider that real progress

Now, maybe I can get them to understand and use email encryption so they won’t be sending me passwords in clear text.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: