> > Password expiry is an orthogonal issue and should be up to administrator
> policy.
> Yes, but if you are moving to a different algorithm to improve security, not
> coupling it with an eventual expiration of non-migrated accounts gives a
> false sense of security.  Any admin worth his/her salt is going to want the
> option of enforcing that sort of policy along with the transparent update. 
> They should really be implemented together is all.

Account expiration and password expiration are already present. There is 
absolutely no reason that password algorithm upgrade should be tied in any way 
to expiration. A transparent algorithm upgrade as proposed is *far* better 
than the forced password change method that is commonly employed. If the 
administrator wants to force all accounts to migrate by a set deadline, we 
already have the expiration facilities in place to accomplish that. Expiring 
accounts that have not been used in a long time, regardless of algorithm 
changes, should be part of general housekeeping and may be covered by existing 
policy. Password expiration serves no purpose, EVER. Password expiration 
encourages users to choose bad passwords because they are throwaway items.

Bruce states it well enough I need not elaborate further

Anyone who fails to understand the above should NOT be an administrator.

freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to