The reason for regular change is very good. It's that the low-intensity
brute forcing of a password requires a certain stretch of time. Put the
change interval low enough and you're safer from them.

We've had someone talk on-list about a significant amount of failed remote
ssh login attempts. Should he choose not to force users to change their
passwords, they wouldn't. And the likelihood of a successful login
would improve with the years (given coordination) to somewhere above the
admin's comfort zone.

The timeframe in which a password has to change also limits the maximum
time exposed once someone has cracked it. This is relevant when the
adversary needs multiple opportunities to coincide. The amount of time
it'll have access without triggering resource-counting or other
"suspicious behavior" alarms becomes limited, as changing a password would
either lock him or the legitimate user out.

For most systems though, it's a complete waste of time.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography