Educause Security Discussion mailing list archives
Re: Password policy publication
From: Matthew Gracie <graciem () CANISIUS EDU>
Date: Wed, 29 Oct 2008 10:02:45 -0400
Valdis Kletnieks wrote:
And then there's the even more numerous sites that try to set up account locking, but fail to do it for *every* place. Sure, your Windows boxes and Active Directory may do locking - but did you check *every* web app that does authentication to make sure it does it as well? Your webmail server? Those 5 creeping horror applications that Student Billing runs to let students look at their bills online? And so on...
Overheard in almost every Unix machine room at some point or another: "Hey, how long has this LDAP-authenticating machine been running XDMCP?" -- Matt Gracie (716) 888-8378 Information Security Administrator graciem () canisius edu Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg
Current thread:
- Re: Password policy publication, (continued)
- Re: Password policy publication Roger Safian (Oct 27)
- Re: Password policy publication Allison Dolan (Oct 27)
- Re: Password policy publication Valdis Kletnieks (Oct 27)
- Re: Password policy publication Shalla, Kevin (Oct 28)
- Re: Password policy publication Adam Nave (Oct 28)
- Re: Password policy publication Roger Safian (Oct 28)
- Re: Password policy publication Shalla, Kevin (Oct 28)
- Re: Password policy publication Valdis Kletnieks (Oct 28)
- Re: Password policy publication Steven Alexander (Oct 28)
- Re: Password policy publication Roger Safian (Oct 28)
- Re: Password policy publication Matthew Gracie (Oct 29)