Comments on: When Security is Insecure http://access.jiscinvolve.org/wp/when-security-is-insecure/ federating access management Tue, 21 Feb 2012 22:47:08 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Rhys Smith http://access.jiscinvolve.org/wp/when-security-is-insecure/comment-page-1/#comment-7133 Rhys Smith Thu, 16 Sep 2010 18:40:13 +0000 http://access.jiscinvolve.org/wp/?p=314#comment-7133 What annoys me is when they don't let me put symbols in their "secure" password scheme. Argh! What annoys me is when they don’t let me put symbols in their “secure” password scheme. Argh!

]]> By: Ingrid Melve http://access.jiscinvolve.org/wp/when-security-is-insecure/comment-page-1/#comment-7123 Ingrid Melve Thu, 16 Sep 2010 09:51:50 +0000 http://access.jiscinvolve.org/wp/?p=314#comment-7123 This aligns with research from the Microsoft Research Labs http://research.microsoft.com/pubs/132859/popularityISeverything.pdf where Herley, Schechter and Mitzenmacher argue that the limitations posed upon users may result in poorer security. My personal vision for the work I have been doing in federations and security the past 10 years: being able to walk in to a university and see no sticky notes with passwords, even if I turn the keyboards over! This aligns with research from the Microsoft Research Labs http://research.microsoft.com/pubs/132859/popularityISeverything.pdf where Herley, Schechter and Mitzenmacher argue that the limitations posed upon users may result in poorer security.

My personal vision for the work I have been doing in federations and security the past 10 years: being able to walk in to a university and see no sticky notes with passwords, even if I turn the keyboards over!

]]>