Information Systems Security tag:blogs.nyu.edu,2010:/blogs/dm129/syssec/1685 2010-10-07T16:51:35Z Daniel Medina's blog for the NYU classes Core Concepts of Information Systems Security, X52.9380 Advanced Information Systems Security, X52.9381 Movable Type Enterprise 1.52 Open Thread (Week 1) tag:blogs.nyu.edu,2010:/blogs/dm129/syssec//1685.69879 2010-10-07T16:51:21Z 2010-10-07T16:51:35Z This is an open thread for the first week of Core Concepts of Information Systems Security (X52.9380). Welcome to the class!... Daniel Medina This is an open thread for the first week of Core Concepts of Information Systems Security (X52.9380). Welcome to the class!

]]> Mordac's authentication policies tag:blogs.nyu.edu,2010:/blogs/dm129/syssec//1685.58167 2010-02-10T23:00:00Z 2010-10-07T16:35:43Z Orginally posted on 2009-03-04, and still true... Mordac first appeared as "The Preventer", "your liason from the Information Technology Department". This is his first appearance in the role of a security officer, implementing a policy we're probably now all very... Daniel Medina Orginally posted on 2009-03-04, and still true...

Mordac first appeared as "The Preventer", "your liason from the Information Technology Department".

This is his first appearance in the role of a security officer, implementing a policy we're probably now all very familiar with:

Dilbert.com

Let's compare that to NYU's password policies ([although it has changed a bit] with enforced complexity, they make Mordac of 1998 look like a softie!):

1. passwords must be 8 or more characters in length

2. must consist of letters (a-z and/or A-Z) AND at least one number (0-9) AND at least one special character: !@#$%^&*()_-+=[]|\;"~',<>./?

3. the alphabetic portion of a password, taken as a whole, may not be a dictionary word proper name, or person's initials

4. you may not reuse a password that you've previously used with NYUHome

A decade later, the authentication policies became more complicated:

Dilbert.com

Dilbert.com

]]>