Passwords will always be the topic of security. Always… always… always. We were still saying that passwords were the achilles heel of the network at the RSA Conference this year. Password is the first level of defense and therefore determining what makes a password “strong” consistently changes. Password strength is the new cloud. Strength is a great discussion but when you have a password like the one below… I ask what is the point?
Yes I was in Vegas and pretty sure “7” is a lucky number. So why did they put this password… on a piece of paper… in the first place? I love this environment where it seems in some cases we move forward and in some cases we go behind. For instance, we are moving forward with the password strength, constantly analyzing and adjusting the requirements to fulfill the needs. And then we have those moments where we fall behind such as in the password up above. Moments were we use the password of “4444” for our iPhone password.
When it comes down to it, in specific circumstances, do we really need passwords? Who are you trying to stop? And what are you trying to stop them from doing? In the above case, it was for the wi-fi network for a hotel in Vegas. What a great example for this post/password issue. This is Vegas. Either you are outside or you are inside working. There really aren’t any other options. It is really one of the few cases where if you are in your room… you are either working or sleeping.
So think about it, are there tools /applications/systems that just do not need a password at all? Are you fighting to put a really strong password on this entity and fighting to remember that password and then fighting to realize, one was just not needed. Let me make this clear… I am stating that a password may NOT… I repeat may NOT be needed. Am I giving up on the fight? Not at all, I am just putting my resources into areas where it makes the most impact. I don’t want to waste the time of those trying to figure this all out… and everyone is trying to figure it out