This is Global Reach Kenny's Typepad Profile.
Join Typepad and start following Global Reach Kenny's activity
Join Now!
Already a member? Sign In
Global Reach Kenny
Recent Activity
Bill, I, too, apologize for the delay. I've been on a two month detail with the International Trade Administration for the National Export Initiative. Our blog team is currently revamping our marketing strategy to spread the word out. Our office just sent out a broadcast message to all of our email subscribers, we are going to get on twitter, and also have guest bloggers. We are also hoping that people pass us along to other users. Any other suggestions? Did NIST reply back? Kenny
Tony, Thanks for the tip. This is the first time I’ve ever heard of KeePass. I’m reading about it on Wikipedia, http://en.wikipedia.org/wiki/KeePass. Professionally and personally, I do have a lot of passwords to remember so the idea of having an app to manage them all that is great. I think it is very to discuss this type of application, especially if some people are currently or will potentially use it. In addition, I am a novice to these password sites/apps and cannot credibly comment on the security, the useful, or the ease of the KeePass or the similar sites. Maybe someone from the trade can help educate me and the other potential users on the risks and benefits associated with using these passwords site! Global Reach Kenny
Bill, If you want to read more about the Computer Security Guidelines, check out NIST’s website, csrc.nist.gov. NIST, the National Institute of Standards and Technology, developed the security measures that we must follow. Extending the password expiration term may be possible. I’ll bring up the idea to our supervisors and our security liaison. Giving users the option to change the frequency may be beyond our means. Again though, I’ll bring the suggest to their attention. In terms of your paper requests for passwords, one of our co-workers worked to get the password recovery to be an online process. Currently, the only paper requests for password are for the Account Administrator who get locked out. We’ve also added a counter so you know how many attempts you have left as well as increase the number of attempts you are in the given time frame (originally 1 hour, now 15 minutes). I appreciate your questions and comments. This dialogue needs to be taking place. A lot of people ask why our passwords are so hard and basically, it’s to protect their information. If we can make AESDirect easier for users without sacrificing security, then we are all for it. Kenny
Dear Bill, I hear what you are saying and I know exactly how you feel. As a federal employee, I go through the same process in making passwords for my computer login and my internet login. I, too, get frustrated with the complexity and the requirements of the password. As you know, AESDirect is a program funded by the Commerce Department and as a result, it must adhere to the same Commerce Security Policy as any other program. I know that may sound ridiculous to you, a one man exporter, but that's just the name of the game. The security level for your password and account is law and is here to stay. I can help you alleviate your frustration by easing the process of creating passwords. For example, think of a phrase that's memorable, then take out all the vowels, add in some numbers, and top if off with a special character. You are right, we aren't guarding missiles, but we are guarding Personal Identifiable Information which is something the Census Bureau takes very seriously.
Global Reach Kenny is now following The Typepad Team
Dec 23, 2009