[geeks] Mandatory password changes

[Lionel Peterson]

On 12/9/06, Aaron Finley <aaronfinley at gmail.com> wrote:
>
> There was a letter in our collegiate paper today, this is concerning
> new policy here that one will have to change their password next year
> and then on a regular yearly rotation. Just to add to the context, if
> someone has someone elses password here, they can withdraw them from
> the university and late drop all their courses in about ten clicks.
>
> [qoute]
> Letter to the Editor
> Student reader vents on new password regulation
>
> With the recent requirement for students to change their user ID passwords
> for access to electronic media such as Webmail, [CMS] and [Registrar],
> I just thought I'd take a minute or two to vent my frustrations about
> this new, ridiculous concept.
>
> First of all, why regulate students' password security? It should be
> up to the student to change his or her passwords if he or she chooses
> to do so. If someone wishes to share his or her password with someone
> else, let them.


I didn't know RMS [0]went back to school? ;^)

It's obvious that this whole ordeal is only meant to
> show the administration's depth of control over the student
> population. Why else would they waste valuable man hours in the IT
> department and valuable research dollars on advertising. It's no
> wonder our student governing body was overthrown last year, and we
> have no influence on any of the formal decisions made by this
> administration because they know that no matter what, there will be
> 43,000 people handing over thousands of dollars in tuition the next
> year.
> [end qoute]


WTF - the Student Governemt control IT policy at your school?

The author has a serious lack of understanding of "responsibility" and who
controls what at their school...

As a question about your systems at this school, if I had someones password,
could I gather enough information to apply for a credit card in their name?
(SSN, DOB, home address, etc.)

I remember the recent *graduate school* graduate from a top MBA program
(think Wharton, Kellog, Chicago, etc.) who couldn't understnad the concept
of not dating clients, and he went further to point out his ignorance when
he refused to believe that it was wrong to keep asking a client out even
after she said "No", because, "heh, you know, sometimes girls say 'No' just
to see if you're really interested".

This twit was making near-six figures right out of school, and he didn't
know that "No means no" and "Don't <deleted> where you eat"...


> Good grief. What large rock do people like this crawl out from? I sent
> him an e-mail, telling him he should hope that none of his prospective
> employers pre-screen via the internet, as this letter comes up as the
> third result on Google for his name.


Dude, he's probably so proud of his letter to the editor that he linked to
it on his "My Space" page ;^)

Lionel

[0] RMS is Richard M. Stallman, founder of the Gnu organization, and was
famous for having "null" passwords on his accounts that required passwords
because he thought his source code library should be freely accessible by
others at the MIT AI Lab...