ecchi |
2012-12-31 04:38 AM |
Quote:
Originally Posted by papagmp
(Post 522380)
changing passwords regularly is part of any decent security protocol.
|
No it's not. If you are forced to repeatedly change your password you eventually have to write it down (as Toby said). You also end up running out of ideas and using things you would not normally even consider using (eg mother's maiden name).
The main reason companies insist on this is to cover up their own mistakes. When someone hacks their system and gains access to their clients because they were not secure enough they can defend themselves with "It is not our fault, it is your fault. What do you expect to happen if you use such an insecure password/write your passwords down." If they are asking, in advance, for you to "give them an excuse", they already know that their security is shit. Why would anyone even consider giving sensitive information to a company like this?
However, even worse, are those companies who are not doing to cover themselves but because they genuinely believe it is a good idea. They have read posts like yours, and without thinking it through have implemented it as policy. Basically they are idiots who have no idea about real security, and are basing their security policies on "something they read on the Internet". They are well meaning and think they are doing the right thing, but that is no consolation when some Russian hacker gets hold of your bank details from hacking them, and steals all your savings.
|