|
|
|
|
|
|
by SkyMarshal
2316 days ago
|
|
|
>Overly elaborate password policies (excessive complexity demands, passwords expiring, no reusing last five passwords) end up causing annoyed users to make bad decisions that compromise password security. Similarly, an excess of popups doesn’t increase security. It annoys users to the point they stop thinking about individual security decisions. It's particularly annoying b/c there's a subset of craftsmen developers who pay close attention to this problem, who realize these cures are worse than the disease, and who reverted years ago to not using these flawed security patterns. Many here on HN, for example. And then there are Apple engineers who seem to be so far behind the curve that they're just now discovering and implementing patterns that others not only discovered and tested years ago, but discarded years ago. It's like corporate 9-to-5'ers with no pride of craftsmanship or motivation to stay current with their field made these decisions. Either that or clueless management ordered it, which in any other company besides Apple would be my first guess. |
|
|
QFT. Because there are not enough upvotes in all the world.