Cryptography being used, but badly
David Hansen
davidh at spidacom.co.uk
Tue May 26 10:39:32 BST 2009
On 26 May 2009 at 10:13, David Biggins wrote:
> But it's far from rare; I've told before of visiting a couple of
> hospitals where every screen I saw had a user ID and password Dymo-taped
> to - many of them in nice quiet little alcoves where a visitor might
> hope to pass un-noticed for a while...
A more organised version of the post-it note. It also implies more than
one person using the same user name.
No-doubt some fool decided to make the passwords "more secure" by
making them unrememberable, not changeable by the user and changing
regularly. Such policies may be thought to protect the backside of the
person setting them, but they don't as the inevitable post-it note and
so on is due entirely to the policy.
Given the police have been using "conspiracy" extensively recently, is
this not a real example of a conspiracy by the hospital staff, as
opposed to the non-conspiracies the police have been bumbling about?
--
David Hansen, Edinburgh
I will *always* explain revoked encryption keys, unless RIP prevents
me
http://www.opsi.gov.uk/acts/acts2000/00023--e.htm#54
More information about the ukcrypto
mailing list