On Friday 06 July 2001 20:10, you wrote:
> On Fri, Jul 06, 2001 at 05:38:03PM -0400, Michael Scottaline wrote:
>
> No! You're missing the point. This works in a small network, but what
> happens if you want to change lots of people's passwords? Simply use a
> random password generator, print out each password on a small piece of
> paper and expire the passwords. The user must change the password on
> first use, so it's (relatively) secure. It also means that the only
> person that knows the password is the user. If you didn't expire the
> password, a lazy user could keep the first password, which someone
> else may have discovered in transit to the user, giving this third person
> account access - bad.
>
I was looking for an easy way to do this and never found it. What I've
resulted to doing is to leave the account with no password (by deleting the
password field in /etc/shadow). This forces the user to set a password at
next login.
--
John LeMay
Senior Enterprise Consultant
NJMC
