That is a bad policy, habit to be in. I never, ever ever ask a user for their password. If I need to see what is happening with them while they are logged in then there are multiple ways to remote their desktop to actually see what is happening.
This gets your users used to giving their password to someone that they view as being in authority to have it, and they may or may not know the difference when asked by someone with less than honorable intentions. As far as auditing passwords, there are 3rd party tools that will accomplish do that and give you reports on it. Sorry, don't mean to get on your case Cameron, but most admins on this list will agree with me on this subject...... On Wed, Mar 4, 2009 at 10:28 AM, Cameron Cooper <[email protected]> wrote: > How do you perform an audit of the passwords currently in use? I usually > find out the password when asking the user when I need to log in as them. > > > > _______________________________ > > *Cameron Cooper* > > *IT Director - CompTIA A+ Certified* > > Aurico Reports, Inc > > Phone: 847-890-4021 Fax: 847-255-1896 > > [email protected] > > > > > > > > -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
