Feeds

Passwords are for AES-holes

Security is an illusion

Choosing a cloud hosting partner with confidence

Something for the Weekend, Sir? When did you reach burnout? For me, it was spring 2009. Looking back, I did well to last as long as I did but the constant pressure of coming up with something new, again and again, became too much.

I'm not confessing to an emotional crisis, by the way. I'm talking about my ability to create new system logins that I can remember for longer than an afternoon. Today, about a third of my incoming emails have 'password reset' in the subject line.

Reginald Perrin. Source: BBC/2 Entertain

'Oh god, not another bloody password to remember. One more and I'll fake my own death just to avoid the buggers'
Source: BBC/2 Entertain

My password fatigue came to a crunch while I was freelancing at a company that bullied its users into entering a unique login every time you wanted to do anything whatsoever on one of their computers. First up was a straightforward Active Directory login, which is fair enough, but this barely carried you beyond the company's intranet page.

Want to visit an external website? Another login. Check email? Another login - yes, even with AD. Run the core apps? Another login. Open the image library? Another login. Access the database? Another login. Browse the archive? Another login. Launch the production tool? By now, you know the answer.

If I was working remotely, I had to use yet another login to seek permission to enter any of the above logins, and it was particularly irritating because it insisted on asking me to enter this one twice. Those of you who know me: it's not the company you think it is, so keep guessing.

Reginald Perrin. Source: BBC/2 Entertain

'I didn't get where I am today by not forcing my staff to log in 13 times to to start work'
Source: BBC/2 Entertain

Most of the company employees got around the problem by creating identical ID names and passwords for everything. The IT department responded to this challenge by forcing users to change their passwords every month. The ever-resourceful users quickly discovered that the automatic prompt was fixed to a 12-month cycle, so all they had to do when prompted to change their passwords was to spend a minute changing it 12 times and then choose their original password again.

Now I understand why computer security is important. I also understand why I should not use the same ID and password for all my bank accounts and credit cards. What I don't understand is why I would need 13 different logins at the same company simply to identify who I am.

Security for virtualized datacentres

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport
Breaches screening rules cos Apple SCREEN ROOLZ, ok?
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
The British Museum plonks digital bricks on world of Minecraft
Institution confirms it's cool with joining the blocky universe
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.