Educause Security Discussion mailing list archives

Re: Current Best Practice regarding Password Change policy

From: Barbara Deschapelles <deschapellesb () CLARKSTATE EDU>
Date: Sat, 25 Sep 2010 12:21:54 -0400

Thanks to all of your who took time to answer my question.  The discussion has been interesting and I truly appreciate 
all the thoughtful responses.  


There was significant support for a tiered structure (more frequent for more critical systems/people,) also significant 
arguments against password aging, and plenty of support for the 90 -~ 122 day ranges.  


Thanks again,


Barb

Current thread:

Re: Current Best Practice regarding Password Change policy, (continued)
- - - Re: Current Best Practice regarding Password Change policy Roger Safian (Sep 24)
    - Re: Current Best Practice regarding Password Change policy Valdis Kletnieks (Sep 24)
    - Re: Current Best Practice regarding Password Change policy Bob Bayn (Sep 24)
    - Re: Current Best Practice regarding Password Change policy Harry E Flowers (flowers) (Sep 24)
    - Message not available
    - Re: Current Best Practice regarding Password Change policy John C. Gale (Sep 24)
- Re: Current Best Practice regarding Password Change policy Roger Safian (Sep 24)
- Re: Current Best Practice regarding Password Change policy Cal Frye (Sep 24)
- Re: Current Best Practice regarding Password Change policy Hugh Burley (Sep 24)
- Re: Current Best Practice regarding Password Change policy Joe St Sauver (Sep 24)
  - Re: Current Best Practice regarding Password Change policy James Farr '05 (Sep 24)
- Re: Current Best Practice regarding Password Change policy Barbara Deschapelles (Sep 25)