Educause Security Discussion mailing list archives
Re: Password Expatriation notification
From: "SCHALIP, MICHAEL" <mschalip () CNM EDU>
Date: Thu, 19 Aug 2010 13:48:25 -0600
Cool.....now - change that admin "passphrase" every term (our current policy) - or every 6 months - and your sys admins will be lobbying for 2-factor within a couple of terms.... Also be prepared to audit your sys admins and their system accounts......be prepared to find the "official" sys admin accounts, and more than likely a shadow account that they use for everyday use (with a 4-6 character password.......;-) -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Alex Keller Sent: Thursday, August 19, 2010 1:05 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Password Expatriation notification re: I've watched people who have trouble typing try to enter passwords and pass-phrases. When every character takes 5 seconds to type, a 9 character password is much easier than a 16 character pass-phrase. however, it is often easier for people to type passphrases (even poor typists) becuase the keystrokes are familiar. i am not a great typist and i can type "Should we go back to the moon?" much faster than "vf$1048Za". we are moving to passpharses (where possible) for administrative accounts. we make sure the passphrase is sufficiently long, not based on a common slogan, includes both upper and lower case letters, at least one special character, and a string of numbers: "#Our cabin in cozy in the thunder!1055". it is a pain at first, but once you can commit it to muscle memory it gets a lot faster. either that or just cut and paste out of Keypass or alike. best, alex -- Alex Keller Systems Administrator Academic Technology, San Francisco State University Office: Burk Hall 153 Phone: (415)338-6117 Email: alkeller () sfsu edu -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- Re: Password Expatriation notification, (continued)
- Re: Password Expatriation notification Mark Monroe (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification SCHALIP, MICHAEL (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Walter Moore (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Valdis Kletnieks (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Charles Buchholtz (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Valdis Kletnieks (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Charles Buchholtz (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Eric Case (Aug 19)
- Re: (***POSSIBLE SPAM***) Re: [SECURITY] Password Expatriation notification Deke Kassabian (Aug 19)
- Re: Password Expatriation notification Alex Keller (Aug 19)
- Re: Password Expatriation notification SCHALIP, MICHAEL (Aug 19)
- Re: Password Expatriation notification Charles Buchholtz (Aug 19)
- Re: Password Expatriation notification Eric Case (Aug 19)
- Re: Password Expatriation notification charlie derr (Aug 19)
- Re: Password Expatriation notification Eric Case (Aug 19)
- Re: Password Expatriation notification James Farr '05 (Aug 19)
- Re: Password Expatriation notification SCHALIP, MICHAEL (Aug 19)
- Re: Password Expatriation notification Eric Case (Aug 19)
- Re: Password Expatriation notification Eric Case (Aug 19)
- Re: Password Expatriation notification Morrow Long (Aug 19)
- Re: Password Expatriation notification Allison Dolan (Aug 19)