>1. choose the same password for multiple applications (a definite no-no);
In your 'expert' opinion? Packages like P-Synch, and Vanguard's password administrator depend on/work with that. Session Managers (TPX, SuperSession) work with it, too. I'd rather have a single password, than write them down, or store them. All these rules make it very difficult to come up with a new one. It took me 20 minutes to create one on one site. (Of course, in this case, it wouldn't tell me what rules it was using; I had to guess). We have a "three strikes" policy, with a minimum length. And, that appears to be adequate. We also have 35% of our calls to the help desk as password resets. This was so expensive, we out sourced it to Manilla and are now payin 15-20% of the cost. Additional complexity just raises the price. Yaw tee pucketty! Rum ting clue! Ni! Ni! Ni! Arrooo! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
