Dan Navetta's Thoughts

Category: Uncategorized

  • Why Password Change Requirements are Bad

    The main reason that forcing users to change their password on set time intervals is a bad security practice, is that it forces users to choose weaker passwords. The thought process is that a password will get stale, and the possibility that the password has been compromised increases over time. If you are constantly changing…

  • The Case Against Auto-Updates

    Software updates are a part of everyone’s life. Auto-updates make the lives of software engineers, and the family IT support person easier. Sometimes, though, auto updates create more trouble than they prevent. The list above contains three scenarios where auto-updates create unwanted changes. My father-in-law has complained more than once about his iPhone app updates…