Friday, November 23, 2007

The most annoying security procedures

According to a Swedish survey with 1200 participants, these are the three most annoying security procedures that are enforced at companies:

...change password: 43%
...the USB port is blocked: 42%
...not being able to select password: 41%

I certainly agree with the first one... it is annoying, because it is hard to remember all passwords at different places.

1 comment:

Richard Bejtlich said...

I agree with the password change issue. Just what is the attack model here? Originally passwords were changed to stay ahead of the time it took to crack a password. I'd say that time has long since passed. Are we now supposed to change passwords as an account expiration mechanism? If yes, why not just disable inactive accounts?