Wednesday, August 01, 2012

Impractical I. T. Security

Here is a comment posted in my blog. I agree with the view expressed.


Management of many companies just delegate the management of IT security to the young programmers, who have no understanding of the challenges of an aging population. They think that everybody is like them, able to see small fonts, remember complicated passwords, able to press this and press that in record short time. They only succeed in locking out the genuine owner but not the dedicated robber so they make it increasingly complicated when it is unnecessary when there are simple solutions practiced in other countries. 

2 comments:

  1. I am currently a student doing information technology. I do agree that from time to time, while doing programming, we tend to overlook the fact that we have to cater to those generally "older" people, and that is definitely something which we should have pondered over. Thus, things like the font are something that we can do something about. However, for certain things like complicated passwords, personally I would think they are necessary to protect the interest of the user from being hacked and the account being compromised.

  2. I suggest programmers think more creatively. There are ways to maintain security with less complicated systems. E.g. Use of scrambled password vs 2 factor authentication. A bank overseas requires me to just enter an easy to remember 3 digit password derived from an easy to remember 6 digit password by asking for it in random sequence. I do not need to look for the token, press it and try to input the small fonts in time before it disappears etc.
    The acid test is to ensure convenience for genuine customers while at the same time stopping hackers. It would fail if a customer has to curse and swear and, worse still, does not manage to access his account.
