This is a truly banal password. Even a technoturkey can see that a password
made up of your email address and a number is highly vulnerable to a
password cracker. Decent passwords are items containing mixed upper and
lower case and special characters and I would expect (no, I wouldn't, would
I?) a decent password scheme from the ever vigilant UKIC.
But they HAVE turned the scheme off for now.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Saundra Kae Rubel
Sent: Friday, January 30, 2004 9:01 PM
To: [log in to unmask]
Subject: [data-protection] Info Commissioner site update now with password
With deferential apologies to those who offered their e-mail addresses as
subscription whimsy, the Info Commissioners Office just sent me an e-mail
with my new password to access my updates.
Here is their verbage:
You have subscribed to the Information Commissioners, email alerts service.
Following a minor security problem, you have been issued with this unique
password to allow you to continue receiving email alerts.
MINOR SECURITY PROBLEM?????
Well, now is the time for them to publish a best practice guide to securing
web sites in compliance with various data protection laws.
OK, back to my side of the pond.
Saundra
====================================================
Saundra Kae Rubel
Privacy Law Analyst
Privacy Knowledge Base: the world's most comprehensive privacy and data
protection law database containing extensive information and expert analysis
about privacy and data protection in the United States, and 64 other
countries including the European Union member states.
http://www.privacyknowledgebase.com/
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|