Educause Security Discussion mailing list archives
Re: Frequency of password change
From: "Penn, Blake" <pennb () UWW EDU>
Date: Mon, 22 Aug 2005 17:47:19 -0500
Dr. Spafford: Brostoff's work touches on these issues, and with plenty of good data too! http://www.cs.ucl.ac.uk/staff/S.Brostoff/index_files/sachas_transfer_report. pdf http://www.cs.ucl.ac.uk/staff/S.Brostoff/thesis/ __________________________________ Blake Penn, CISSP Information Security Officer University of Wisconsin-Whitewater (p) 262-472-5513 (f) 262-472-1285 e-mail: pennb () uww edu -----Original Message----- From: Gene Spafford [mailto:spaf () CERIAS PURDUE EDU] Sent: Monday, August 22, 2005 3:49 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Frequency of password change I know this has been a topic here before, but I failed to archive the info. Does anyone have references to any good studies that show that changing passwords once a month (or every 8 weeks, etc) is too FREQUENT and leads to more cases of people forgetting passwords, picking trivial passwords, writing them down, etc. Thanks,
Attachment:
smime.p7s
Description:
Current thread:
- Frequency of password change Gene Spafford (Aug 22)
- <Possible follow-ups>
- Re: Frequency of password change Brian Wheeler (Aug 22)
- Re: Frequency of password change Penn, Blake (Aug 22)
- Re: Frequency of password change Gene Spafford (Aug 22)
- Re: Frequency of password change Gary Flynn (Aug 23)
- Re: Frequency of password change Melissa Guenther (Aug 23)