Firewall Wizards mailing list archives

Re: password aging

From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Tue, 1 Sep 1998 09:58:42 -0400 (EDT)

This is true.  It's also "standard" practice...One of the goals of my group
is to _reduce_ the number of calls
to the help-desk.  Please keep in mind that this is only a _proposed_
change, and it hasn't been approvee yet.


If reducing calls is a goal, why increase them by not telling the user
why the password is rejected?  ;-)

Scalability is an issue.  We're talking about (at least) a 128 bit
keyspace.


The ARGUMENT doesn't scale perfectly.  Analogies rarely do.  I believe
that a system-wide old-password database is still not the wisest
choice.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

Current thread:

Re: password aging Paul McNabb (Sep 01)
- Re: password aging Stephen P. Gibbons (Sep 01)
- <Possible follow-ups>
- RE: password aging Rick Smith (Sep 01)
- Re: password aging Joseph S. D. Yao (Sep 01)
  - Re: password aging Stephen P. Gibbons (Sep 01)
    - Re: password aging Joseph S. D. Yao (Sep 01)
- Re[2]: password aging Steve . Bleazard (Sep 02)
  - Re: Re[2]: password aging Alec Muffett - SunLabs (Sep 02)
  - Re: Re[2]: password aging Aleph One (Sep 02)
- Re: Re[2]: password aging Ryan Russell (Sep 03)
  - Re: Re[2]: password aging Michael Shields (Sep 06)
- Re: password aging Paul McNabb (Sep 03)
  - Re: password aging Stephen P. Gibbons (Sep 06)