Recently, I had to update all the security questions for the AppStore for my Apple devices. This had closely followed a string of required changes to my passwords for a number of different websites. Seemingly, they all now require upper case, lower case, non-character and at least one number or some such stupidity in every password. Oh, and it needs to be at least 15 characters in length. (Some hyperbole there. Some.)
I don't get it. Has there been a rash of identity thefts of people stealing passwords and spoofing individuals on the Internet? I haven't heard much about that kind of activity since the 1990s. Admittedly, I am not privy to a lot of security discussions on the web, but still, all the tempest over users' passwords seems to me to be a bit of misdirection. You see, where are the big security breaches? Not with an individual password being hacked. No, it's with somebody hacking the backdoor of a company and stealing millions of users' information - including their passwords.
Seems to me that forcing the users to update their perfectly adequate password is an attempt to show "See? We are all about the security! We force you to change you password and make it impossible to remember!" when they need to be watching their own practices and back doors for the far, far more egregious thefts.
Perhaps somebody can tell me that I am wrong.
I don't get it. Has there been a rash of identity thefts of people stealing passwords and spoofing individuals on the Internet? I haven't heard much about that kind of activity since the 1990s. Admittedly, I am not privy to a lot of security discussions on the web, but still, all the tempest over users' passwords seems to me to be a bit of misdirection. You see, where are the big security breaches? Not with an individual password being hacked. No, it's with somebody hacking the backdoor of a company and stealing millions of users' information - including their passwords.
Seems to me that forcing the users to update their perfectly adequate password is an attempt to show "See? We are all about the security! We force you to change you password and make it impossible to remember!" when they need to be watching their own practices and back doors for the far, far more egregious thefts.
Perhaps somebody can tell me that I am wrong.
RSS Feed