Re: Tracking Passwords or People with Passwords to Critical Systems
From: Sharon Villines (sharonsharonvillines.com)
Date: Mon, 26 Jun 2023 11:38:45 -0700 (PDT)
Jay, thank you for this response. Excellent solutions.

In the Beginning at Takoma Village, I was the only person who knew how to set 
up YahooGroups lists for teams. Since I was not living in DC yet, it was a good 
way for me to contribute from afar. I set up and managed all our lists for 20 
years. I also became the troubleshooter for all the takomavillage.org email 
accounts and I used my password manager to keep passwords for people who 
forgot them frequently. 

As the requirements for passwords became more and more complex (I have over 400 
unique passwords myself) I began to lose patience with the whole enterprise. I 
was only two steps short of advising everyone to just use “password” until it 
crashed the world and the powers that be set up a better system. And it was not 
just me. When the Board asked the Techpod to set up files to keep all the 
usernames and passwords for all the Association's accounts updated, there was 
great laughter. No one was willing to touch that. 

The Admin team bravely volunteered but they quickly understood how complex this 
was and asked, “How do we do this?”

Jay provides good solutions that everyone should save in case they are needed, 
but this is also something for which we need cohousing expectations. Some of 
the people who have moved in in the last 5-7 years have come from corporate and 
military backgrounds where there are rigid standards for secret storage and 
monthly to weekly changing of passwords. They were appalled at our lax 
standards. One password for the whole community? It hasn’t been changed in 25 
years? You send passwords in emails? Clearly, Neanderthals are in charge here.

It got to the point of expecting that passwords could only be shared in F2F 
communications or by hard copy in sealed envelopes hand-delivered. 

I don’t think we have any members currently who use obviously weak passwords 
and it has been years since we had a member who used their first name—a short 
first name. Hackers used her account to send spam until it closed down our 
whole service, but only twice. Actually, that is good odds for a service that 
was up 24/7 for 20 years—only 2 cases involving password theft.

Aside from financial records from which hackers could steal money, 
corporate/military security complicates community functioning beyond reasoning. 
But what level of security is appropriate for a neighborhood network that is 
sharing recipes for pecan pie, complaints about the dumpster being too tall, 
and whether signs are needed or not?

Sharon
----
Sharon Villines
Takoma Village Cohousing, Washington DC
http://www.takomavillage.org




