Educause Security Discussion mailing list archives

Re: Password expiration Process ?


From: Cal Frye <cjf () CALFRYE COM>
Date: Fri, 7 Apr 2006 10:46:57 -0400

I only have tangential comments to add...
122 days is closer to 1/3 year; other intervals will creep around the calendar a
bit more. We wanted to avoid having password expiration coincide with semester
start/end and other hectic times.

Expiring passwords has one benefit not mentioned yet:
Account access granted by passing a post-it note to a colleague never expires as
quickly as we would like. Without password expiration at all, these things tend
to accumulate. I know user education is the proper answer, but some of them
refuse ;-)

--Cal Frye, Network Administrator, Oberlin College
   www.calfrye.com, www.pitalabs.com, www.ouuf.org

  "Washing one's hands of the conflict between the powerful and the powerless
means to side with the powerful, not to be neutral." --Paulo Freire, educator
(1921-1997).


Kenneth G. Arnold wrote:
Our passwords expire every 120 days.  The user receives the following
email warnings
1-Between 29 and 30 days before expiration
2-Between 13 and 14 days before expiration
3-Every day starting at 7 days before expiration until the password
expires.

The account expiration of the approximately 3000 accounts was initially
spread over a period of a month so that the password expirations would
not all take place on the same day.  We have no system in place to reset
the password based on answering questions only the user should know.  I
considered putting something into SCT Banner Web to allow a user to
initiate a password reset but since Banner Web will eventually be
accessed here inside a portal with Single Sign On it didn't make sense
to do this since once SSO was initiated the user would probably not
remember their Banner Web PIN.


Brother Kenneth Arnold
System Administrator
Information Technology Services
Christian Brothers University
(901) 321-4333
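
The warning schedule and month-long staggering described in the quoted message, as an added example that is not code from either poster or their institutions. The function names, the half-open day windows, the once-a-day job and the round-robin spreading are assumptions made for illustration; the account names are constructed.

```python
from datetime import datetime, timedelta

MAX_AGE = timedelta(days=120)   # expiration interval given in the post
SPREAD_DAYS = 30                # "spread over a period of a month" (assumed 30)
ONE_DAY = timedelta(days=1)


def warning_kind(expires_at, now):
    """Return the warning a once-a-day job should send at `now`, or None.

    Windows are half-open (lower bound excluded, upper included), so a job
    that runs every 24 hours lands in each one-day window exactly once.
    """
    days_left = (expires_at - now) / ONE_DAY   # fractional days remaining
    if days_left <= 0:
        return None                            # already expired
    if 29 < days_left <= 30:
        return "first"
    if 13 < days_left <= 14:
        return "second"
    if days_left <= 7:
        return "daily"
    return None


def simulate_cycle(changed_at, first_run):
    """Step a daily job through one password lifetime; list (date, kind) sent."""
    expires_at = changed_at + MAX_AGE
    sent, run = [], first_run
    while run < expires_at:
        kind = warning_kind(expires_at, run)
        if kind:
            sent.append((run.date(), kind))
        run += ONE_DAY
    return sent


def stagger_initial_expirations(accounts, start, spread_days=SPREAD_DAYS):
    """Assign first expiry dates round-robin so no single day gets them all."""
    return {acct: start + timedelta(days=i % spread_days)
            for i, acct in enumerate(accounts)}


if __name__ == "__main__":
    # Constructed sample: password changed mid-afternoon, job runs at 06:00.
    for day, kind in simulate_cycle(datetime(2006, 1, 10, 14, 30),
                                    datetime(2006, 1, 11, 6, 0)):
        print(day, kind)
```
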

