U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 06-02-2018, 07:34 AM
 
Location: Raleigh, NC
2,299 posts, read 3,492,539 times
Reputation: 3018

Advertisements

Use some common sense and compare the two scenarios:

Change PW so often that you find yourself choosing them with patterns that actually make them easier to break.
Change PW so rarely that you feel OK about choosing some phrase is so complex that sounds like a Wookie trying to speak Klingon ... backwards.
Reply With Quote Quick reply to this message

 
Old 06-03-2018, 12:25 AM
 
10,725 posts, read 8,628,471 times
Reputation: 14855
Quote:
Originally Posted by TRex2 View Post
Still ridiculously often, but the good news is you will stay in practice

Where I worked, the site engineer decided we should run a maintenance routine quarterly, the HQ changed that to monthly, and my boss, who works next door to the site engineer decided to change that to weekly.

I am thankful that I don't work there any more.
Some hospitals require password changes this frequently for those accessing patient medical records. For some reason hospitals are regularly targeted by hackers daily.
Reply With Quote Quick reply to this message
 
Old 06-03-2018, 12:28 AM
 
10,725 posts, read 8,628,471 times
Reputation: 14855
Quote:
Originally Posted by Ed_RDNC View Post
Use some common sense and compare the two scenarios:

Change PW so often that you find yourself choosing them with patterns that actually make them easier to break.
Change PW so rarely that you feel OK about choosing some phrase is so complex that sounds like a Wookie trying to speak Klingon ... backwards.
I wonder if they could set up a wireless router administrator access phone app that would alert the administrator of a request from a device to access the wireless network (correct password) and give the administrator the ability to accept or deny access to that device?
Reply With Quote Quick reply to this message
 
Old 06-03-2018, 08:40 AM
 
Location: SE corner of the Ozark Redoubt
2,991 posts, read 1,039,035 times
Reputation: 3013
Quote:
Originally Posted by victimofGM View Post
Some hospitals require password changes this frequently for those accessing patient medical records. For some reason hospitals are regularly targeted by hackers daily.
Changing passwords frequently is a good countermeasure against shoulder surfing and people sharing passwords, but is almost completely ineffective against hackers. In fact, as Ed_RDNC alluded to, it may even aid hackers. There are several ways to strengthen password systems, but frequent password changes isn't one of them (although it may strengthen the management's delusions that they are doing something).
Reply With Quote Quick reply to this message
 
Old 06-03-2018, 09:58 AM
 
Location: Raleigh, NC
2,299 posts, read 3,492,539 times
Reputation: 3018
Quote:
Originally Posted by victimofGM View Post
I wonder if they could set up a wireless router administrator access phone app that would alert the administrator of a request from a device to access the wireless network (correct password) and give the administrator the ability to accept or deny access to that device?
While a good idea at first, I think this may be harder to get working than it might be worth.
Remember that your WiFi access (Your password evaluation) is done by software within the router, not your phone. So you have work with it's capabilities.
I know my router can email me if there are some specific events, like connections that were allowed, and those that were blocked, but it doesn't have the capability to email for connection approval.
Also, requiring admin-verification on each connect would add a potential delay in a users access, and most would find that unacceptable.

Like so many other tech situations, there's no 100.00% perfect or sure solution, you just have to build a taller backyard fence than a burger is willing to climb. Make it so they move on to easier targets. IE: Keep your modem/router's software flashed up to date, choose a good access name and password, and choose a crazy-complicated WiFi password. Then the drive-by hackers will move on to your neighbor who still has their modem using it's factory login name and PW.
Reply With Quote Quick reply to this message
 
Old 06-04-2018, 09:28 AM
 
3,000 posts, read 3,131,179 times
Reputation: 2910
Quote:
Originally Posted by TRex2 View Post
although it may strengthen the management's delusions that they are doing something.
But that's what it is all about. If someone in charge of internet security has hit those checkboxes, such as changing passwords - even if they are changing passwords using a pattern - if their company's system is compromised, they can say "Hey, I followed standard operating procedures."

It's all about CYA.
Reply With Quote Quick reply to this message
 
Old 06-07-2018, 08:08 AM
 
10,725 posts, read 8,628,471 times
Reputation: 14855
Quote:
Originally Posted by dspguy View Post
But that's what it is all about. If someone in charge of internet security has hit those checkboxes, such as changing passwords - even if they are changing passwords using a pattern - if their company's system is compromised, they can say "Hey, I followed standard operating procedures."

It's all about CYA.
Thankfully they haven’t thought about our department for regular password changes. Our system controls the entire hospital’s HVAC system. Only 8 people in our department have access to the system and other than IT and the service contractor for the software, only three have admin access. While administration seems to forget we exist, they’d remember real quick if the entire hospital’s HVAC system was taken over and shut down. While we can manually turn units back on, it’s at the expense of energy efficiency because we’re bypassing the variable speed drive on the units.
Reply With Quote Quick reply to this message
 
Old 06-08-2018, 07:58 PM
 
2,360 posts, read 1,290,077 times
Reputation: 2093
We use MAC assigned and 30 day pw changes here at our office. So if somebody try to connect, it wont even let them get a IP if they are not on the MAC approve list. If somebody try to spoof the MAC, they wont get a IP as DHCP is off and they have exact count of devices to IP address, so if somebody manage to get a ip somebody will get a ip conflict and system will port block it till can be fixed.
Reply With Quote Quick reply to this message
 
Old 08-09-2018, 04:10 AM
 
6 posts, read 1,571 times
Reputation: 10
You can check number of devices are connected through DHCP. and also you can change the password by installing software on your device.
Reply With Quote Quick reply to this message
 
Old 08-09-2018, 09:10 AM
 
Location: Cleveland, Ohio
11,849 posts, read 13,976,351 times
Reputation: 8083
Quote:
Originally Posted by hitpausebutton2 View Post
We use MAC assigned and 30 day pw changes here at our office.
30 days?!? Wow... that's really lame.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top