Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase 12»»

Serious Security Expand / Collapse
Author
Message
Posted Thursday, January 17, 2013 12:12 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Today @ 9:00 PM
Points: 31,036, Visits: 15,465
Comments posted to this topic are about the item Serious Security






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1408176
Posted Thursday, January 17, 2013 12:24 AM


SSCoach

SSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoach

Group: General Forum Members
Last Login: Today @ 8:13 PM
Points: 17,628, Visits: 15,486
I think that security is the duty of all involved from end-user to developer. However, one thing to consider in the economics of security is the annoyance and cost of too much security. There is a balance and going overboard will likely drive a bunch of users away.



Jason AKA CirqueDeSQLeil
I have given a name to my pain...
MCM SQL Server


SQL RNNR

Posting Performance Based Questions - Gail Shaw
Posting Data Etiquette - Jeff Moden
Hidden RBAR - Jeff Moden
VLFs and the Tran Log - Kimberly Tripp
Post #1408181
Posted Thursday, January 17, 2013 2:43 AM


SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Today @ 3:31 AM
Points: 1,700, Visits: 1,117
I work with one client which has so many layers of security and training to access their network, it has taken me 2 days on occasion to even gain access to what I need. There's education and online training, dire warning of consequences of misuse etc etc.

Unfortunately the effect is that people tend to quietly share account details simply to get the job done. I guess it's a tricky balance. I'm pretty disciplined but probably even then, I know, not as rigorous as I might be.
Post #1408247
Posted Thursday, January 17, 2013 5:44 AM


SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Monday, March 17, 2014 6:21 AM
Points: 997, Visits: 6,477
I use Keepass for storing my passwords, it is only way to remember them all.
For example, password for my Gmail acc. is 56 characters long and I'm changing it every 2 months.
I use shorter passwords for forums, it's all about priorities.


-------------------------------------------------------------
"It takes 15 minutes to learn the game and a lifetime to master"
"Share your knowledge. It's a way to achieve immortality."


Post #1408366
Posted Thursday, January 17, 2013 5:55 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Thursday, January 17, 2013 8:14 AM
Points: 4, Visits: 10
Hey Steve,

Great post on security! I do use password safe here at work religiously, but I was curious if there was something out there that does the same thing on a mobile device (ie. idevice, droid, ect.)? Does anyone know the good ones from the crapware out there?

Thanks!
B.J. Fentress
@bjfentress
Post #1408369
Posted Thursday, January 17, 2013 6:30 AM
SSC Journeyman

SSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC Journeyman

Group: General Forum Members
Last Login: Thursday, September 18, 2014 9:18 AM
Points: 81, Visits: 729
We have a credit card application that requires password complexity and that it be changed every 90 days and I imagine all of them are required to do this because of regulations deep in the bowels of the PCI compliance documentation. If I can find a software that doesn't require this, I'll switch. In the meantime, a post-it note is nearby (though not stuck to the monitor). Dito for our banking software (that only allows deposits...no check writing allowed).

The human factor will always override the digitial factor.
Post #1408391
Posted Thursday, January 17, 2013 7:46 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Thursday, June 19, 2014 4:17 PM
Points: 10, Visits: 134
It seems to me that a big factor in this is just password fatigue. We have so many password "protecting" things from the very important like bank accounts and company data to trivial things like this forum, frankly, and other such stuff. Of course, some passwords are to protect the user and some are to protect the data provider. Personally, I am far less conscious about passwords when it is to protect the provider for knowledge bases, etc.
Post #1408427
Posted Thursday, January 17, 2013 8:12 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Today @ 9:00 PM
Points: 31,036, Visits: 15,465
bj_fentress (1/17/2013)
Hey Steve,

Great post on security! I do use password safe here at work religiously, but I was curious if there was something out there that does the same thing on a mobile device (ie. idevice, droid, ect.)? Does anyone know the good ones from the crapware out there?

Thanks!
B.J. Fentress
@bjfentress


I use pwsafe on iOS. Syncs with my Password Safe syncs on laptop/desktop with Dropbox.

There's a few here: http://pwsafe.org/relatedprojects.shtml







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1408441
Posted Thursday, January 17, 2013 8:14 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Thursday, January 17, 2013 8:14 AM
Points: 4, Visits: 10
Awesome! I will check it out! Thanks!
Post #1408447
Posted Thursday, January 17, 2013 8:52 AM
SSC Rookie

SSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC Rookie

Group: General Forum Members
Last Login: Monday, December 30, 2013 2:11 PM
Points: 28, Visits: 285
1password from https://agilebits.com/onepassword. I have it on my work computer, home PC and desktop, android phone. And it is updated between all three computer automatically.

It will give you randomly generated password and is used directly in the browser (Firefox, Chrome and IE).

I've used it for the past three years. Supports PC, Mac, Android and IOS.

Post #1408473
« Prev Topic | Next Topic »

Add to briefcase 12»»

Permissions Expand / Collapse