outbreak

Me

My name is Marko Mrdjenovič. I’m a web developer, manager and an entrepreneur from Ljubljana, Slovenia.


Abstracting passwords

Joel was saying something about the abstraction that goes on in a company that most people don’t see.

Recently we had some decisions made at the company I work for that show some people here have no idea how to make things easier for developers. One of the things that costs a few minutes on every login (and I do it quite often since I lock the computer often) is changing the password at a certain time interval. This never works and I have no idea why administrators really insist on this. Either they have no idea what people are doing about it or they’re just ignoring it.

Let’s see how it works. You get an alert that tells you that you’ll need to change your password in the next week or so. You decide to do it now. The first thing most people try is to add a number. If this works, we have a number added to the old password, which doesn’t make it any more secure. If the system does not allow similar passwords, we have a few other scenarios.

There are of course other options – you might actually be able to remember the new password. Congratulations, you’re a rare kind.

Whatever the argument for this, I still can’t remember the password and I’m losing time, concentration and nerves every time I enter my previous password instead of the new one.

Opinions

  1. Marko

    If keeping your old password is in your opinion secure enough, why would the first option, which games the system into allowing you to do just that, be insecure?

    Otherwise, my phone has an application that lets me store all my passwords behind a wall of encryption and a master password. I’m sure I could write one myself, if need be.

  2. Marko Mrdjenovic

    Point being that administrators say that it’s more secure to change the password. I think it isn’t. It’s better to have one password and since you know you’re not gonna change it you treat it better.
