On Thursday 29 November 2007 10:57:01 am Michael O'Keefe wrote: > >>>> The minimum age combined with the length of the password history make > >>>> it > >>> > >>> so a password cannot be reused within a given period of time. Say you > >>> keep > >>> 26 passwords in the history, and have a minumum age of 2 weeks, this > >>> will not let you use the same password for a minimum of a year. > >> > >> I haven't done much looking about, but is there support for password > >> history in Linux? > > I've never understood password aging. > If your system is so fragile that it cannot withstand users keeping > their passwords indefinitely, I'd be looking at the systems fragility, > not password rotation. >
I've found that all password aging / reuse restriction does is encourage the user to write down the password on a sticky note and put it on the monitor to ease their frustration. They just want to get their work done, they couldn't care less about security. If you need to go that route, try one of those hardware password generating key fob thingys. At least they put those out of plain sight in their desk drawer. :D C. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
