Let’s start a movement!
In spring 2009 I published an article in the Hoosier Banker magazine.
The article, entitled “Sometimes Say Never,” was a slightly humorous “manifesto” about the illusion of password aging as a control.
The issue seems to be rising again. It came up in a meeting with a client who forwarded me a link to another great article about password aging, by Christopher Null (the technology writer for Yahoo! News.) This one cites recent studies!
Meanwhile I’m hearing from people who have discovered my post. Not one e-mail has pointed out something I might be missing in terms of my reasoning. They are all saying “exactly” and “right on.”
We auditors are still compelled to require at least 90 days, because we don’t want another auditor to come behind us and ding our clients for not following that practice. If you digg these articles, maybe we can change the mentality rather than our passwords!
At the least, you now have at least two articles to hand out in your next examination exit interview!
Dan Hadaway CISA, CISM
In this short video, Mike, our “Envoy from the SIEM”, walks us through how data flows
Dan’s reflection on the past 20 years. A Dan’s New Leaf post about predictions. If yo
Welcome Webinar Attendees! You can download a zip folder with all three of the delive
Another awareness poster for YOUR customers (and users). Now that we have our own em