Dropbox Urges Users To Change Old Passwords - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Dropbox Urges Users To Change Old Passwords
Oldest First  |  Newest First  |  Threaded View
Page 1 / 3   >   >>
Michelle
50%
50%
Michelle,
User Rank: Ninja
8/29/2016 | 12:48:32 PM
Changed, not changed
High incidences of password reuse aren't just an IT statistic, the threat is real. I see password reuse all the time in my sector. The problem continues to be the need to set a password for virtually every service used. Sometimes, the hassle of resetting passwords is enough to deter folks from creating unique passwords for every system. 
Whoopty
0%
100%
Whoopty,
User Rank: Ninja
8/30/2016 | 7:25:55 AM
Re: Changed, not changed
It's pretty amazing that at this point in the internet's life that people still don't use decent password protections. It's the kind of thing they made fun of in '90s movies.

It's almost as if the ease of use with which modern computing allows, is making it all too simple. What would be the best way to encourage better password use among business users and the general public?
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
8/30/2016 | 10:37:32 PM
Re: Changed, not changed
@Whoopty: It's just life, I guess.  It sounds crazy to us, but it's real, regular, everyday life.

True story: I got a picture from a loved one via text message yesterday -- a picture of a sticky note on their co-worker's monitor.

The sticky note said: "Username: [firsrt initial + last name]" followed by "Password: Password123."

Once one gets past the obvious head-shaking wonder of that, the greatest and most absurd part of that, to me, is that this person felt the need to write "Password:" before what their password was -- as if writing "Password123" by itself without any additional context might confuse them.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
8/30/2016 | 10:38:38 PM
Time
Four years is probably a pretty long time to go without changing your password.

Of course, at the opposite end off the spectrum are overly oppressive IT departments.  One woman I know used to just use whatever day of the week it was plus a number or something whenever IT would do its all-too-often rounds of "CHANGE YOUR PASSWORD NOW BECAUSE WE SAY SO."
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
8/30/2016 | 10:40:38 PM
Re: Changed, not changed
@Michelle: The expert advice I've heard occasionally -- and I adopt myself -- is for companies to have in their employment agreements a passage that states that the password belongs to the company, and anyone who gets caught using a company password on another system will be fired immediately.

Realistically speaking, it's a practically unenforceable line item -- but it sure gets people thinking about things.
Michelle
50%
50%
Michelle,
User Rank: Ninja
8/30/2016 | 11:40:06 PM
Re: Changed, not changed
I think many have tried and failed using multiple means. I don't know how to change attitudes toward password re-use. Password fatigue is probably a real thing that people deal with everyday, they feel undue burden to make unique passwords for every site/service.
Michelle
50%
50%
Michelle,
User Rank: Ninja
8/30/2016 | 11:43:48 PM
Re: Changed, not changed
@Joe that's an interesting strategy I haven't heard before. Associating scary termination language with password re-use seems like it could curb the practice (at least a little).
Michelle
50%
50%
Michelle,
User Rank: Ninja
8/30/2016 | 11:46:33 PM
Re: Time
4 years might be a long time, but I'm sure there are folks who signed up for the service and never used it. Those folks may be avid password re-users (sounds like an addiction). I recently changed a bunch of passwords and noticed I hadn't used some accounts for ----- years. 
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
8/31/2016 | 3:37:11 AM
Re: Time
Good point Michelle when I first read the fours years part I was alarmed but I had forgotten about early adopters which I am not.
Susan Fourtané
50%
50%
Susan Fourtané,
User Rank: Author
8/31/2016 | 8:02:32 AM
Re: Time
Password re-use is sometimes innevitable. If you have, say, tens of accounts it's really hard to always remember every single individual password. Bio-passwords should be more common. As for Dropbox, I signed up for an account years ago. I used it for a long time. Then I stopped. I remembered about it not long ago, I think thanks to an email Dropbox sent me. -Susan
Page 1 / 3   >   >>


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Commentary
Is Cloud Migration a Path to Carbon Footprint Reduction?
Joao-Pierre S. Ruth, Senior Writer,  10/5/2020
News
IT Spending, Priorities, Projects: What's Ahead in 2021
Jessica Davis, Senior Editor, Enterprise Apps,  10/2/2020
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll