NIST* has modernized the password rules for US Government departments, specifically the “minimum requirements for federal information systems”. This is supposedly where every IT department gets their rules from, so maybe these better rules will be used, “soonish”, in bank machines and corporate workplaces.
– (Yeah, I said “soonish”. In this case, “soonish” = “probably years from now”.)
What the NIST said:
I will summarize and link to the parts of the draft Guidelines that make passwords easier.
“Draft NIST Special Publication, 800-63B – Digital Identity Guidelines”:
- Section 5, Authenticator and Verifier Requirements
- Section 22.214.171.124 – Don’t make the password artificially hard to remember by requiring “complexity rules”: UPPER, lower, numeric, special characters. (Rationale in Appendix A)
- Appendix A, Strength of Memorized Secrets
- Why complex passwords are bad: “analyses of breached password databases reveals that the benefit of such [complexity] rules is not nearly as significant as initially thought, although the impact on usability and memorability is severe.”
- Services should disallow passwords found in a list of commonly used passwords, such as “Password1!”, and “123456”.
For a longer explanation, see Slava Gomzin’s article on VentureBeat.
* NIST = National Institute of Standards and Technology (part of the U.S. Dept. of Commerce)
Well! I thought it was a company name, so I never looked it up. As Ian says, “That’s my story, and, I’m gonna stick to it.”
Turns out CAPTCHA means:
- Completely Automated Public Turing test to tell Computers and Humans Apart
Source: nist.gov. On that page, look under Definitions and Abbreviations.
ITO 2.0 still exists!
ITO 2.0 is a specialized support service for high tech workers who are unemployed. They offer online training, workshops, career transition help, the works. When I was laid off in Sept, I tried to find it, couldn’t, and assumed it had disappeared. The staff at my local IE office did not connect me to it.
Newer versions of ssh-keygen use a SHA256 hash to generate the fingerprint, whereas older ones used an MD5 hash, which has the “cute widdle colons” between every pair of characters in the hash/fingerprint.
Probably your favorite web service shows the MD5-style hash, with the colons in it. To generate this for your SSH key, use this command line:
ssh-keygen -l -E md5 -f ~/.ssh/id_rsa.pub
- -l means generate the fingerprint
- -E means choose the type of hash to use for the fingerprint. You can choose md5, or sha256. sha256 is the default now.
- -f means choose the file to operate on
To find these meetups and similar ones, search for common keywords, like DevOps, AWS, and Cloud. You may need to search for the name of a particular group, or some subset of the name, and then click “Groups”.
Focusing on telling how real companies use DevOps, and where they are now in their journey.
Do you use a tool to record the current settings of your network devices, and compare them to older states?
Apparently RANCID does this.
My fave IT guy didn’t know about this. I assume there are similar tools that are newer; RANCID has been around for a while.
Seth Godin said “It really is up to us. Which is great, because we’re capable of changing everything if we choose.”
Just one thing I want to add.
That is, “choose”:
- Pick one now, that you are not already doing.
- Do that for a week. You will start to feel better.
- Now look at the list again:
- Which one makes the most sense for the rest of this year?
- Is there a better one for you, for this year, that is not on this list? Or is it already on the list?
- Do that one.
It’s when we choose, when we become consistent, when we make a change permanent, that we change ourselves, and we change the world.