[THIN] Re: Assistance requested...
- From: Jez <jezosaurus@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 20 Jun 2008 09:48:08 +0200
Not in healthcare but we have a number of healthcare customers.
3 methods used (local LAN, Windows domain logon)
- Password: Minumum 12 characters; must have at least 3 of: Upper case
letter; lower case letter; number; spacial character
- Fingerprint (swipe finger)
- Chip /smart card
Password always works. The fingerprint needs to be set up on each
laptop, and the smart card thing is only supported with the correct
hardware.
On Mon, Jun 16, 2008 at 3:11 PM, Chad Schneider (IT)
<Chad.M.Schneider@xxxxxxxxxxxxx> wrote:
> Fine, disregard.
>
> If anyone would be willing to share with me privately, I would be more than
> grateful.
>
> Thanks to those that have been so kind as to help out a long-time thinlist
> member with your information.
>
> Chad Schneider
> Systems Engineer
> ThedaCare IT
> 920-735-7615
>
>>>> On 6/15/2008 at 6:20 PM, <andrew.wood@xxxxxxxxxxxxxxxx> wrote:
> Sure they're basic questions - but if I wanted to organise an attack
> profile, knowing what your limits were would be a handy thing to know in
> reducing down password possibilities and increasing the likelihood of
> finding a positive match.
>
> Or, if I wanted to simply ring your users to ask them for their passwords -
> knowing the answers to those questions would help me appear as a genuine
> support desk caller.
>
> Sounds like sensible advice to me.
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
> Of Chad Schneider (IT)
> Sent: 15 June 2008 01:55
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Assistance requested...
>
> Not sure I follow?
>
> I am asking some basic questions, trying to compare our fellow healthcare
> organizations rules, to be sure we are in check with everyone else. So long
> as you are using compliant rules, I see no issue sharing such information.
>
> Chad Schneider
> Systems Engineer
> ThedaCare IT
> 920-735-7615
>>>> Tim <timothylanderson@xxxxxxxxx> 06/13/08 4:31 PM >>>
> Sorry Chad
>
> I can't give you that info other than to say they are stringent. Anyone who
> does, please don't include your organization name, lest this cause an RPE
> (resume producing event) for you.
>
> Cheers
>
> On Fri, Jun 13, 2008 at 3:18 PM, Chad Schneider (IT) <
> Chad.M.Schneider@xxxxxxxxxxxxx> wrote:
>
>> I have been asked to get information from those in Healthcare IT,
>> regarding your network password policies. We have some discussions going
> on
>> about are we overly compliant, under complaint, what are others doing?
>>
>> What I am looking for is...
>>
>> Your network user account (AD) password rules....
>> # of characters (min/max)
>> Password Age (Min/max)
>> Required characters (alpha/numeric/upper/lower/special/etc.)
>> Password History
>>
>> Any assistance in this is greatly appreciated, as I need to put together a
>> report of "our peers" for management.
>>
>> Thanks!
>>
>>
>> Chad Schneider
>> Systems Engineer
>> ThedaCare IT
>> 920-735-7615
>>
>
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> //www.freelists.org/list/thin
> NEW! Follow Thin List on Twitter!
> http://twitter.com/thinlist
> Thin List discussion is now available in blog format at:
> http://thinmaillist.blogspot.com
> HOT! Thinlist MOBILE Feed!
> http://thinlist.net/mobile
> Thinlist quick pick
> http://thinlist.net
> ************************************************
>
>
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
NEW! Follow Thin List on Twitter!
http://twitter.com/thinlist
Thin List discussion is now available in blog format at:
http://thinmaillist.blogspot.com
HOT! Thinlist MOBILE Feed!
http://thinlist.net/mobile
Thinlist quick pick
http://thinlist.net
************************************************
Other related posts:
