Ironically, said user just called me remotely and said his email password doesn't work, and I said your network login probably expired, to which he responds, "Yea, it's been bugging me to change it."
Next time it tells you to change it or it will expire...change it! |
What is in our control is to not require excessively long, frequently expiring passwords. And we can implement systems that authenticate against a common credential store (e.g., AD-integrated apps).
If a user has credentials in a dozen independent systems, all with different rules and max ages, of COURSE they're going to write them down. The worst I've seen is a password written in pen on the actual white plastic of the monitor! That was an accounting manager at a bank. |
We require a minimum of 8 characters with a mix of letters, numbers and punctuation or capital letters.
Pelican2013 or pelican!2013. Changed every 180 days. Too complex or making them change it too often can make it worse than being reasonable. I am less worried about someone using a local account which is restricted anyway than many of the other ways we could be vulnerable. |
I have one system where the password is a minimum of 26 characters. There can be nothing sequential anywhere in the password (123 or abc). Said password MUST be changed every 90 days and cannot be remotely similar to any of the previous 10 passwords. I got very frustrated one time when changing the password because the new password I entered wasn't allowed because it was "Too similar to previous password"; the part that pissed me off was that not a single character in the old password existed in the password I was attempting to change to. That system almost ate a hammer that day...
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website