

Please do not change your password - SeanONeill
http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
A fresh take on the TechRepublic story on the study of how many security precautions are a net drain on the economy.
======
guelo
Here's the original much more informative 2007 paper,
<http://research.microsoft.com/pubs/74162/hotsec07.pdf>

------
wookiehangover
I stopped reading when it referenced Microsoft as it's primary source for
information concerning security. What a joke.

------
wdewind
'Particularly dubious are the standard rules for creating and protecting
website passwords, Herley found. For example, users are admonished to change
passwords regularly, but redoing them is not an effective preventive step
against online infiltration unless the cyber attacker (or evil colleague) who
steals your sign-in sequence waits to employ it until after you’ve switched to
a new one, Herley wrote. That’s about as likely as a crook lifting a house key
and then waiting until the lock is changed before sticking it in the door.'

I stopped reading right about there...

~~~
pingswept
Hey, that's where I stopped too!

