Easier password rules

Somebody give these guys a high-five. Finally. There is a glimmer of hope for resolution to the insanity that has become password complexity rules. The National Institute of Standards and Technology recently revised guidelines for password complexity. The prescribed password complexity recommendations are detailed in Appendix A – Strength of Memorized Secrets. The NIST findings not only acknowledge the impact Read More …

The Yin and Yang of Security Patching

  My computer is working, don’t change anything. As an IT manager I observe this behavior regularly with end-users and product managers of eCommerce applications. It’s understandable. When a computer system is working and doing its job then “updates” are sources for creating failure. Updates change code. Updates rock the boat. If a computer security update hasn’t bitten you yet, Read More …