Educause Security Discussion mailing list archives
Re: Password Cracking & Consequences
From: Geoff Nathan <geoffnathan () WAYNE EDU>
Date: Thu, 26 Aug 2004 17:26:59 -0400
At 04:29 PM 8/26/2004, you wrote:
What would be the circumstances under which IT would "crack" a faculty member's password. Unless there is a violation of the acceptable use policy or is it that the individual forgets the password?
I would suggest that if a password can be cracked it's no longer doing its job and needs to be changed (and its owner should be told that). Now whether schools deliberately try to crack passwords is a different question, although some do (and I know of a few individual departments with a higher than average number of techies in residence that don't permit crackable passwords). On a slightly parallel note, does anyone know of a self-service password tester--something that would let people test their passwords and let them know whether it is acceptable (with all appropriate safeguards in place, of course--it could even be anonymous). Geoff Geoffrey S. Nathan <geoffnathan () wayne edu> Security Coordinator, Computing and Information Technology, and Associate Professor of English Linguistics Program Phone Numbers Department of English Computing and Information Technology: (313) 577-1259 Wayne State University Linguistics (English): (313) 577-8621 Detroit, MI, 48202 C&IT Fax: (313) 577-1338 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Password Cracking & Consequences Jason Brooks (Aug 26)
- <Possible follow-ups>
- Re: Password Cracking & Consequences Sweeny, Jonny (Aug 26)
- Re: Password Cracking & Consequences CAROLE CARMODY (Aug 26)
- Re: Password Cracking & Consequences Lucas, Bryan (Aug 26)
- Re: Password Cracking & Consequences James Riden (Aug 26)
- Re: Password Cracking & Consequences Melissa Guenther (Aug 26)
- Re: Password Cracking & Consequences Scott Weeks (Aug 26)
- Re: Password Cracking & Consequences Alan Amesbury (Aug 26)
- Re: Password Cracking & Consequences Jason Richardson (Aug 26)
- Re: Password Cracking & Consequences Jeff Giacobbe (Aug 26)
- Re: Password Cracking & Consequences Geoff Nathan (Aug 26)
- Re: Password Cracking & Consequences Lucas, Bryan (Aug 26)
- Re: Password Cracking & Consequences Ron Parker (Aug 26)
- Re: Password Cracking & Consequences Stephen Bernard (Aug 26)
- Re: Password Cracking & Consequences Ron Parker (Aug 26)
- Re: Password Cracking & Consequences Eric Pancer (Aug 26)
- Re: Password Cracking & Consequences Ken Shaurette (Aug 26)
- Re: Password Cracking & Consequences Wayne J. Hauber (Aug 26)
- Re: Password Cracking & Consequences Scott Bradner (Aug 26)
- Re: Password Cracking & Consequences Scott Weeks (Aug 26)
- Re: Password Cracking & Consequences James Riden (Aug 26)
(Thread continues...)