[windows2000] Re: Why isn't everyone being forced to change their pass
- From: "Greg Reese" <GReese@xxxxxxxxxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Wed, 13 Aug 2003 09:01:02 -0400
we require some numbers to be mixed in with their password. You have to find a
balance between too easy and too tough. Too easy and it will be cracked in the
blink of an eye and too tough and they will just write it down on a post it
note and stick it on the front of their monitor. We have one user who prints
their password on a ptouch and then affixes it to the top of their keyboard.
I always tell people to use an old street address as a password. Easy to
remember and difficult to crack. 1234mainst for example.
Greg
-----Original Message-----
From: Sorin Srbu [mailto:Sorin.Srbu@xxxxxxxxxxxxx]
Sent: Wednesday, August 13, 2003 4:00 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Why isn't everyone being forced to change
their pass
On Tue, 12 Aug 2003 12:51:47 -0700, Chris Berry wrote:
>>From: "Sorin Srbu" <Sorin.Srbu@xxxxxxxxxxxxx>
>>Umm... I think that is a university problem. The PhD-students at
>>our lab never want to change their passwords. When I first started
>>my work at the dept, the previous "sysadmin" told me he had managed
>>to reach a consensus by having a 6 month period between changes. If
>>the students would have had their way, it would have been 5 years
>>or some such. I implemented, by force, a 2 month period for
>>changing the pwds. I'd rather have it at one month though. I might
>>do it stealthily anyway. >>8->
>
>My personal opinion is that monthly is way too frequent, I'd have to write
>my password down, I'd always be forgetting it, which pretty much defeats the
>whole purpose. My policy is three months for relatively easy passwords or
>six months for hard ones.
Our problem is not ppl writing up their passwords on notes that
they stick to the monitor, but easy passwords which can be
brute-force cracked. The physical environment here is more or less
locked down, so the sticky-notes are not that much of a problem
really.
Being an open (well, relatively...) university network we have a
much bigger problem with hack-attacks and intrusion attempts.
The unix-sysadmin agrees on this approach, and he's way more
paranoid than me. 8-)
BW,
Sorin
# Sorin Srbu, Systems Engineer Web: http://www.farmfak.uu.se/organisk/
# Dept of Medicinal Chemistry, Phone: +46 (0)18-4714482 >> 5 signals
>> GSM
# Div of Org Pharm Chem, Mobile Phone: +46 (0)701-718023
# BMC, Box 574, Uppsala University Fax: +46 (0)18-4714474
# SE-751 23 Uppsala, Sweden Visit: BMC, Husargatan 3, D5:512b
#
# Public PGP key available on request.
#
# () ascii ribbon campaign - against html e-mail
# /\
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you know,
in most cases, CPU Utilization IS NOT the single biggest constraint to scaling
up?! Get this free white paper to understand the real constraints & how to
overcome them. SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you know,
in most cases, CPU Utilization IS NOT the single biggest constraint to scaling
up?! Get this free white paper to understand the real constraints & how to
overcome them. SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
