W3C home > Mailing lists > Public > www-tag@w3.org > October 2008

Re: Passwords in the clear update

From: John Kemp <john.kemp@nokia.com>
Date: Fri, 10 Oct 2008 09:23:19 -0400
Message-ID: <48EF5747.7080309@nokia.com>
To: elharo@metalab.unc.edu
CC: "Ray Denenberg, Library of Congress" <rden@loc.gov>, noah_mendelsohn@us.ibm.com, Jonathan Rees <jar@creativecommons.org>, David Orchard <orchard@pacificspirit.com>, www-tag@w3.org

ext Elliotte Harold wrote:
> Ray Denenberg, Library of Congress wrote:
>> A blanket admonishment: "do not ever, under any circumstance, use 
>> passwords
>> in the clear", is fairly useless, most everyone will ignore it. People 
>> are
>> not going to stop. Better to educate people on the dangers.
> 
> Give that blanket admonishment, and then explain the reasons behind it; 
> but don't compromise the good advice because you think it may not be 
> followed by all people in all circumstances.

I wholeheartedly agree. What is the sense in continuing to implicitly 
condone these practices? Who would care?

It is not that people will necessarily stop using passwords in the 
clear, but shouldn't we have a metaphorical stick to beat them with?

- johnk
Received on Friday, 10 October 2008 13:25:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:07 GMT