> So I would conjecture, at least in cases like this where users only > login infrequently, that the password change policy every N days > be done away with, or at the very least, we make N something > reasonably long, like 365 or more days.
Kevin, are you suggesting a "50 uses and change it" rule? --dan _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
