John Bell wrote: > Chris Travers wrote: >> Hi all; >> >> Aince I am now in the process of testing the user/role management >> stuff for 1.3, I was thinking a sensible password expiration interface >> would be a good thing to add. >> >> Here is what I am thinking: >> >> In System/defaults, we can add a value for the number of days a >> password is valid for. >> >> For the last week, a popup occurs once per day reminding one of the >> need to change one's password. >> In the last day, a popup occurs once per hour. >> >> The rest can be easily pushed into our user management procedures >> (already working). >> >> What do people think? >> >> >> > As long as it's optional... >
I agree totally. I for one would not want to use enforced password changes. If you are putting in a System option, then why not have an option for "never". Options are wonderful things ;-) David. > I have always held the view that expiring passwords are less secure than > non-expiring ones and lead to increased password recovery maintenance > issues. An expiring password has more risk of being forgotten, and > hence has a greater chance that the user would need to write it down, or > change it according to a predictable sequence. > > When did you last change the pin code on your credit card? > > Cheers > > John > > ------------------------------------------------------------------------------ > Crystal Reports - New Free Runtime and 30 Day Trial > Check out the new simplified licensign option that enables unlimited > royalty-free distribution of the report engine for externally facing > server and web deployment. > http://p.sf.net/sfu/businessobjects > _______________________________________________ > Ledger-smb-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/ledger-smb-users ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Ledger-smb-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ledger-smb-users
