Security Basics mailing list archives
Best Practices for Managing Password Resets ???
From: "Brad Bemis" <Brad.Bemis () airborne com>
Date: Wed, 23 Oct 2002 10:14:14 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What are some of the common best practices currently being used in large enterprise environments to handle password resets while reducing the risk of exposure to social engineering exploits? Assuming that not everyone has voicemail, that the password being reset is required to access your e-mail account, or that the management of a prearranged return call list results in significant administrative overhead; what are some other alternatives currently being used? - - Brad Bemis -----BEGIN PGP SIGNATURE----- Version: PGP Freeware, Ver 6.5.8CKT - Build 8 Comment: KeyID: 0x691D248A Comment: Fingerprint: ECF3 F29A 65FD 3437 46FC FADF 54B9 6BD1 691D 248A iQA/AwUBPbbY5lS5a9FpHSSKEQK4YgCfbca7opXtvkkj6A4imk3RyyqSvrQAoO4w o3rfEUVduEnCnIgsmI8xcyP8 =YcKM -----END PGP SIGNATURE-----
Current thread:
- Best Practices for Managing Password Resets ??? Brad Bemis (Oct 24)