Home > slashdot > Please Do Not Change Your Password

Please Do Not Change Your Password

April 13th, 2010 04:11 admin Leave a comment Go to comments

cxbrx writes “Mark Pothier’s Boston Globe article, Please do not change your password,” covers a paper by Microsoft Researcher Cormac Herley, ‘So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users,’ from the 2009 New Security Paradigms Workshop. Herley argues ‘that user’s rejection of the security advice they receive is entirely rational from an economic perspective.’ Herley discusses ‘password rules,’ ‘teaching users to recognize phishing sites by reading URLs,’ and ‘certificate errors.’ Users obviously choose bad passwords, but does password aging actually help? There was some discussion on TechRepublic. I’m especially interested in hearing about studies about password aging.”

The origins of all this come from a post on bash.org.

Source: Please Do Not Change Your Password

Related Articles:

  1. Users Rejecting Security Advice Considered Rational
  2. It’s World Password Day: Change Your Passwords
  3. Password Security: Why the Horse Battery Staple Is Not Correct
  4. Scribd Reveals It Was Hacked, Asks Users To Change Their Passwords
  5. Password Strength Testers Work For Important Accounts
blog comments powered by Disqus