What's the latest research on this? I heard it's better to make users
pick something secure and stick with it, because if you force people to
change, they're likely to pick less secure passwords and do stupid
things with them, like write them down or something. Changing every 3
months doesn't seem terrible, but it's still a big pain.
Todd O'Bryan
On Dec 10, 2003, at 8:28 AM, Ross McInnes (Systems) wrote:
Recently we were audited and as part of that they looked at our systems
and policies etc and produced a report.
As part of that report they mentioned about forcing users to change
thier
passwords every 90 days or so.
They also mentioned about disabling accounts after 3 login attempts.
Im pretty sure both can be done on NT, but id rather stick with rh and
samba thanks ever so much.
Can samba does these things? even if its a tinkering kind of job?
Many thanks
Ross McInnes
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
