We had more technology evolution in the last century than in all of human history before that. Those that are near their 40s today are witneses of the proverbial shift, not as experienced by our generation but more by observing that of our parents and our children.
My father in law was a very intelligent and agile man, who travelled half of the world routinely. He was both exposed to the advances of the Old World, as well as the enormous cultural differences present in South America. He was also a fan of shooting home movies on "Super-8" as many in his generation.
In the 80s, when the then new generation of Camcorders was out he decided to buy one. My wife and her siblings would make fun of him as he kept adjusting the camcorder's position -now plugged into the TV- to "project" the image to the screen. Obviously, he was having a hard time assimilating the new technology and opted on relying on his past experience.
Another example was my own father, having worked as a mainframe programmer for almost 25 years, had a hard time digesting the relative "ease of use" of Windows 95.
This used to be the norm, older people would "get stuck" on the older technology and younger, smarter generations would take their place and would master BOTH the newer technology and the old one. In this same year, anybody my age would be equally proficient handling the camcorder/VCR/TV or the Super 8 projector.
What is interesting today, is that technology is evolving at such a pace that learning the newer technologies does not allow for any room to understand the old ones, and this comes to equally embarassing ignorance. Retro Ignorance. Just a few examples: A 15 year old (unless is a DJ) would not know how to play a Vinyl or a Cassette tape, the fact that you cannot skip immediately to another song would puzzle them. I have seen them trying multi-touch gestures on non-touch screens. They don't understand how a car works, connect to the Internet through a modem, operate a typewriter, drive a stick-shift, the list keeps going on and on.
Friday, August 27, 2010
Monday, August 23, 2010
"Three factor" authentication
It is truly amazing how human nature prevails. As much as we try to change, rule and regulate human behavior, there are examples in every field.
It is a known fact that when tax rates increase about a certain threshold, revenues begin to drop as evasion becomes more common place. The fiercest regimes are usually the ones that fall quicker.
But this blog is not supposed to be about sociology or politics, but about technology and management and in reality the issue that prompts me to write this time is the obsession of some IT Security departments to implement every single possible "best practice" as security measures. Two-factor authentication is one and the most common version is the security token, so this guarantees the unbreakable duet: something you know (the password) and something you have in your possession (the token). So when you put these together you have successfully authenticated yourself. This is not a new concept and it has been used ancestrally, just remember the stories that verse about tattoos or moles, passwords and objects that would identify a king, a priest, or a knight.
Changing passwords and setting up rules to construct valid and secure passwords is also a good idea, the problem arises when these rules restrict dramatically the number of words the user can choose and effectively remember. When combined with a stringent requirement for changing them too frequently together with a strict no re-use policy, these policies can be counter productive as they make it almost impossible for the user to commit multiple and random letter/number combinations to memory.
I see this trend quite often, where most users have to identify themselves with a "THREE-FACTOR" authenticate method: The Token, the Password and the piece of paper where they wrote down the password and how to login.
It is a known fact that when tax rates increase about a certain threshold, revenues begin to drop as evasion becomes more common place. The fiercest regimes are usually the ones that fall quicker.
But this blog is not supposed to be about sociology or politics, but about technology and management and in reality the issue that prompts me to write this time is the obsession of some IT Security departments to implement every single possible "best practice" as security measures. Two-factor authentication is one and the most common version is the security token, so this guarantees the unbreakable duet: something you know (the password) and something you have in your possession (the token). So when you put these together you have successfully authenticated yourself. This is not a new concept and it has been used ancestrally, just remember the stories that verse about tattoos or moles, passwords and objects that would identify a king, a priest, or a knight.
Changing passwords and setting up rules to construct valid and secure passwords is also a good idea, the problem arises when these rules restrict dramatically the number of words the user can choose and effectively remember. When combined with a stringent requirement for changing them too frequently together with a strict no re-use policy, these policies can be counter productive as they make it almost impossible for the user to commit multiple and random letter/number combinations to memory.
I see this trend quite often, where most users have to identify themselves with a "THREE-FACTOR" authenticate method: The Token, the Password and the piece of paper where they wrote down the password and how to login.
Subscribe to:
Posts (Atom)