I’m not a big new year resolution maker (new year is just a side-effect of a calendaring system), but if you are, I suggest the following resolutions to avoid three bad ideas:
- Change your passwords and do not set them to the ship number for the Starship Enterprise, or any other of The Top 500 Worst Passwords of All Time – if you’re a sysadmin, make sure you are comparing user passwords against these sorts of lists;
- Fight against cinema-style ratings for web-sites and the “campaign against free speech [because of] a wider public interest” which that implies;
- (Debian developers) Vote against the proposal for “future GRs would need 30 other [DDs, not people – the proposal is wrong] to support” because “There seems little rationale to support it. The more I’ve looked, the more places I’ve not found evidence for such a large seconding requirement and I know a few anecdotes about raising numbers too high and accidentally killing an organisation…”
Happy New Year!
Great tips MJ.
Especially the reminder on passwords which I shall take good heed of 🙂
Happy New Year to you!
Thanks Big Bear. Apparently all new year’s resolutions are bad ideas, according to http://news.bbc.co.uk/1/low/uk/7806776.stm – make of that what you will!
This password list is such a joke! It was probably built by the author on a Sunday morning, or collected using an online survey (assuming the amount of 4-letter words)…
Regarding the sysadmin, they should have a look at any page among:
http://www.google.com/search?&q=choosing+password
The list is from a book cited at the foot of the table. The author’s page http://xato.com/about says it was an analysis of two million passwords.
Searching Google for advice is a very bad idea: there’s a real risk of incompetent or evil people who are better at SEO than real experts. BBC, NBC and others have fallen prey to SEO attacks before. It’s better to start from a good book published by people you’re already trusting, like http://www.uk.debian.org/doc/manuals/securing-debian-howto/ch3.en.html#s3.4
I would agree with you MJ – the list looks pretty authentic to me – I used to administer a University computer lab in my student days and I can say many of the passwords on the list were in my system…