
Cycling Passwords



I'm curious on your take on systems that require changing passwords on a set schedule, whether it's 90 days or whatever.

When I've set up new systems, I instruct the users to select passwords that are cryptic and follow guidelines that make them essentially impossible to crack, such as: Ol10yzZx119xa

Once a good password is found, why change it? I know there are a lot of consultants who say you must, but everywhere I've been that requires people to change passwords, I see they have written them on sticky notes and then put them on their monitor, or bookshelf or wherever. I also see the frustration level rise every time they are trying to get into a system with a customer on the phone, and they have to tell them to wait for their session as they change their password...

Since roughly 90% of corporate break-ins are from the inside, having to change the passwords, and then sticking the passwords up, defeats the security purposes for changing passwords.

What do you think?

Okay, I do have a reason for asking this: 1. convince me I'm wrong, and 2. I have a client that wants it to stop, and I need to know where in Fedora Core 6 that is set up so I can make the change for them.

Their FC6 system is set up so the accounts go to /sbin/nologin so they don't have to change their password for email. But no one has shell access, and a few need it, thus creating the need for passwords to change.

TIA

--
Karl L. Pearson
karlp@xxxxxxxxxxxxxxxx
http://consulting.ourldsfamily.com
---
 My Thoughts on Terrorism In America right after 9/11/2001:
 http://www.ourldsfamily.com/wtc.shtml
---
 The world is a dangerous place to live... not because of
 the people who are evil, but because of the people who
 don't do anything about it.
 - Albert Einstein
---
"To mess up your Linux PC, you have to really work at it;
 to mess up a microsoft PC you just have to work on it."
---
