http://qs1969.pair.com?node_id=27773


in reply to RE: Ethics of Passwords
in thread Ethics of Passwords

SOME people have their passwords on post-its? I remember a certain job I was on for the Air Farce. They had very complicated password requirements. 8 chars, upper and lower case, plus digits and special chars, etc. They would run crack every weekend and reset your password if it was easy to break. The kicker to the whole thing was the little statement at the bottom of the page. To paraphrase, it said - "We realize these requirements will make your password hard to memorize. Therefore, we reccommend writing it down and keeping it in your wallet or desk drawer."
Scary, no?
This was, however, a resctricted access network. As far as a general access network, I tend to agree with KM. I know that having an option to have your password emailed is great, but it still leaves some holes that may or may not worry you depending on what you're protecting.
For example:
Of course, security always comes at the price of usability, so if a password compromise won't cause major damage (loss of data, credibility, life) clear text may be the best solution.