My password to the Washington Post Company's intranet recently expired, so I was prompted to come up with a new one. As I usually do, I had the handly app 1Password generate a random 10-character alphanumerical string—fPCxHn6Z2G.
That got rejected as insufficiently secure. You see, it didn't use any special symbols! And everyone knows special symbols are the key to password security. So I tried M@tthewYg1esias instead. That worked. After all, it's got upper and lowercase letters, a number, and a symbol. No hacker could ever crack that kind of security. Now fortunately it was easy enough to have 1Password churn out a string that was both actually secure and that fit the corporate policy. But it's a potent sign of how dumb we continue to be about passwords. What's even stranger in this case is that the company's official training materials about password security are actually quite good, and it shows that on some level the firm clearly has a strong grasp of information security procedures. It's just not in any way aligned with the actual way the company operates.
TODAY IN SLATE
The Budget Disaster that Sabotaged the WHO’s Response to Ebola
How Movies Like Contagion and Outbreak Distort Our Response to Real Epidemics
PowerPoint Is the Worst, and Now It’s the Latest Way to Hack Into Your Computer
Everything You Should Know About Today’s Eclipse
An Unscientific Ranking of Really, Really Old German Beers
Welcome to 13th Grade!
Some high schools are offering a fifth year. That’s a great idea.
The Actual World
“Mount Thoreau” and the naming of things in the wilderness.