Re: password change issues

[Jason Todd <jtodd () WESTERNU EDU>]

Hi Mark,

If you have an AD backend then if you enable password history the previous password should not count towards the 
account lockout threshold.

-Jason

Jason Todd
Network Security Officer
Western University of Health Sciences

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark 
Reboli
Sent: Tuesday, September 02, 2014 12:50 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] password change issues

I am looking for information on how people handle password change issues.  Here is my dilemma:



1.       A person changes their password on the system

2.       In short order with push and sync other devices (tablet, smart phone, etc) disable the person's account

3.       We enable the account by the user calling the helpdesk (we tell them to change other devices passwords and 
then enable them)
We hope they did not miss another push device or we have to repeat step 3.  Are others having this issue, how are you 
getting around all the byod devices that do constant syncs which disable accounts?


Thank you and sorry for the dual post.
m

[Description: MU Arches]
Mark Reboli
Network/Telcom Manager
Misericordia University
(570) 674-6753