Tag Archives: passwords

Consensual impersonation is delegation done very wrong

I’ve got a new post up on the Forrester blogs about “consensual impersonation”, which is what happens when you give your password to someone else so they can do something from your account. As Paul Madsen points out, it’s “another manifestation of the password anti-pattern”, and it’s a use case whose legitimacy — at least some of the time — we haven’t really thought about. Head over there to see if I manage to avoid mentioning UMA. (Hint…)

New post: Make A Resolution: Kill Your P@55W0rD Policies

Over on the Forrester blogs, I’ve got a post meant to inspire IT folks to think outside the box when it comes to passwords. Nix password policies? Hey, a girl can dream.

Speaking of resolutions, I have a goal to blog more often in the new year. At least it will help with brain house-cleaning. Last Wednesday was my eighth blogiversary and I didn’t even commemorate it, sigh.

Happy 2013, everyone!