Re: Cycling Passwords
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Because every password can be "suggested" (Bruteforce). If you cange a password continously it is much harder to bruteforce it in a manner of time.Once a good password is found, why change it?
I know there are a lot of consultants who say you must, but everywhere I've been that requires people to change passwords, I see they have written them on sticky notes and then put them on their monitor, or bookshelf or whereever. I also see the frustration level raise everytime they are trying to get into a system with a customer on the phone, and they have to tell them to wait for their session as they change their password...On the one hand there is the technical problem of changing the password. On the other hand you have the social problem that people are dumb (sorry, it is so techincaly spoken). If you want better technical barriers to get in a system like SmartCards or USB Tokens then there was the problem that people losse them or other "social problems arround technical".
If you Client wants that then I would hardly suggest that he will sign a paper where ALL responsibilitys in case of an emergancy was fully on HIS side and that HE decides that to be changed.Okay, I do have a reason for asking this: 1. convince me I'm wrong, and 2. I have a client that wants it to stop, and I need to know where in Fedora Core 6 that is setup so case I can make the change for them.
I think it would be better to make a short (1-2h) briefing over password security and make ALL employees cut of this sticky notes stuff.
best regards HenrikP.S.: I thought since Virus-Scanners and SPAM-Attacks these days this very old discussions was over. I have to change my mind.
_______________________________________________ Redhat-install-list mailing list Redhat-install-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@xxxxxxxxxx Subject: unsubscribe