Pixie Password Policy

One of our recent movie acquisitions was The Pirate Fairy, the fifth in Disney’s "Fairies" series, which shows Tinker Bell’s origins and develops the entire Pixie Hollow universe.  Don’t let the fact that these have never been in the theater* fool you – these movies have good stories, have great characters, are well-cast, and they’re funny!

"The Pirate Fairy" is about a dustkeeper named Zarina.  Pixie dust, you see, is what enables the fairies (and anything else) to fly, and it’s up to the dustkeepers to manage and distribute it.  Up until this movie, we know about two major kinds of dust – the golden pixie dust that you see getting sprinkled on everything, and a much rarer blue dust.  The blue dust is so rare and precious, in fact, that the dustkeepers actually keep it in a locked vault.  All of the dustkeepers apparently have the combination because one of the earliest scenes is of Zarina pulling "blue dust duty", which involves her and her boss, Fairy Gary, opening the vault to take some of the blue dust out for use.

Now, Zarina is not just any dustkeeper.  She’s an inquisitive dustkeeper.  A VERY inquisitive dustkeeper.  In her spare time, Zarina has been running a few, shall we say, "unsanctioned" experiments with pixie dust, trying to learn more about what it can do.  When one of her experiments gets away from her, Fairy Gary fires her.  She packs up her things, and leaves Pixie Hollow.

A year later, she returns during a festival where all of the fairies are gathered at the stadium, and puts all of them to sleep using poppy pollen – all except our heroes, of course.  She then proceeds to open the vault and steals all of the blue pixie dust.  I won’t ruin the rest of the movie for you, but it does have a happy ending.


What I’m going to focus on, though, is actually Fairy Gary and his lack of good password policies.  Let’s start with the sheer number of people that know the combination to the vault holding probably the most precious thing in all of Pixie Hollow.  How many dustkeepers do you have in your employ, Gary?  Do they ALL really need full admin rights?

And then there’s the fact that you haven’t changed the combination to the vault in at least a year.  Even if Zarina hadn’t left, good password hygiene demands that a combination like this be rotated every couple of months – at the minimum.

But then you fired an employee with full admin access.  That event alone should have triggered an immediate change to the combination.

And do I really need to even ask?  We’re only talking ONE combination to be changed here.  How much effort does it take to change and distribute the new combination?

Sigh.  All this trouble could have been thwarted had Fairy Gary just used some basic system administration best practices.


* Well, almost never – according to IMDb, Tinker Bell and the Lost Treasure apparently spent a week in the theaters in LA, just long enough to qualify for the 2010 Oscars.

Posted May 6, 2014 | General

