• 2 Posts
  • 30 Comments
Joined 1 year ago
cake
Cake day: July 12th, 2023

help-circle





  • My boxer mix gets her wires crossed sometimes and quietly growls at me when she’s excited, like when she can tell by my change of clothes that we’re about to go for a walk. Sometimes it startles strangers but it’s hard to be scared when her tail is wagging. The best part is when the vibration of her own growl tickles her throat and sinuses enough that she makes herself sneeze.








  • Did you ever hear the Tragedy of Darth Plagueis the Wise? I thought not. It’s not a story the Jedi would tell you. It’s a Sith legend.Darth Plagueis was a Dark Lord of the Sith, so powerful and so wise he could use the Force to influence the midichlorians to create life… He had such a knowledge of the dark side that he could even keep the ones he cared about from dying. The dark side of the Force is a pathway to many abilities some consider to be unnatural. He became so powerful… the only thing he was afraid of was losing his power, which eventually, of course, he did. Unfortunately, he taught his apprentice everything he knew, then his apprentice killed him in his sleep. Ironic. He could save others from death, but not himself.




  • The current thinking as I understand it is expiry policies make most types of accounts less secure because users just cycle through the same predictable pattern of adding increasing numbers of exclamation points or incrementing the last digit at each required password change, and if you require new passwords to be too substantially dissimilar from x number of previous ones then users can’t remember them at all. Policies that make people use minimally complex passwords because they have too many to remember and don’t understand how password managers work inevitably increase password reuse between services and devices which does the opposite of improving security. Especially with MFA enforced, which I’ve been known to do as aggressively as I can get away with, there’s just no sense in requiring regular password resets – as long as the password remains complex, unique, and uncompromised. I’m not a network security expert but I am responsible for managing these sorts of things in my role and that’s the rationale I use for the group policies in a typical customer’s environment.