Shhh, students actually do that. In looking at their reply to spearphishing emails.... Ksu12345 among the most common....the most common have been Ksu2011 and 2011Ksu (with whatever the current year is).
Our IDM system records your last 100 passwords, and checks that new password is at least 50% different...though obviously its a weak difference check. Password criteria is character from 3 of 4 groups (uppercase, lowercase, digits, symbols)....a space is considered a lowercase character. Though some systems don't work with certain symbols. Our old webmail system didn't like @ signs in passwords.... Also when they originally did the windows hashes...they were doing lanman, so they truncate the password to 14 characters and then generate the hash. later they added nthash...from the truncated password. lanman is no longer used, but the code didn't change (the field was just removed from the view). IT security officer could no longer access samba shares after they allowed longer than 8 character passwords (up to 31). I had told them of this problem....repeated during testing. Workaround is to access samba shares, only type the first 14 characters of your password. resources and logins that used ADS worked, because the passwords are transmitted clear to that system to generate passwords in there. Made it easy to debug password change problems until we finally made it do ssl. On 5/15/2011 8:04 PM, Tom Limoncelli wrote: > http://www.youtube.com/watch?v=a6iW-8xPw3k > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ -- Who: Lawrence K. Chen, P.Eng. - W0LKC - Senior Unix Systems Administrator For: Enterprise Server Technologies (EST) -- & SafeZone Ally Snail: Computing and Telecommunications Services (CTS) Kansas State University, 109 East Stadium, Manhattan, KS 66506-3102 Phone: (785) 532-4916 - Fax: (785) 532-3515 - Email: [email protected] Web: http://www-personal.ksu.edu/~lkchen - Where: 11 Hale Library _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
