Yep, I agree. If a user reveals their password to an admin here, we HAVE to reset it and force a change immediately.
________________________________ From: Sherry Abercrombie [mailto:[email protected]] Sent: Wednesday, March 04, 2009 11:11 AM To: NT System Admin Issues Subject: Re: Password Policy Change That is a bad policy, habit to be in. I never, ever ever ask a user for their password. If I need to see what is happening with them while they are logged in then there are multiple ways to remote their desktop to actually see what is happening. This gets your users used to giving their password to someone that they view as being in authority to have it, and they may or may not know the difference when asked by someone with less than honorable intentions. As far as auditing passwords, there are 3rd party tools that will accomplish do that and give you reports on it. Sorry, don't mean to get on your case Cameron, but most admins on this list will agree with me on this subject...... On Wed, Mar 4, 2009 at 10:28 AM, Cameron Cooper <[email protected]> wrote: How do you perform an audit of the passwords currently in use? I usually find out the password when asking the user when I need to log in as them. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
