I'm at a college of a comparable size. A few years ago, we removed the requirement for users to change their password. I would check out https://pages.nist.gov/800-63-FAQ/#q-b05.
Regards, EWG On Friday, August 28, 2020 at 3:38:04 PM UTC-4 [email protected] wrote: > > Hello, > > I am looking for some general information on password policies and > management. > > I am wondering how others have implemented LDAP password expiration > warnings on their CAS installments (hoping for advice on CAS 6.2, but any > advice is good). Do you use your LDAP provider's password policy? > Notifications to email or phone? Intercept attributes with custom scripts? > Change the login webflow in some way? > > How have you had success warning users that their password will expire > soon (or already has expired) and guiding them to reset their passwords? > Would you recommend any CAS features over others for password policies and > management? Also, what size organization are you? I work at a relatively > small university (~4000 students). > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/33e23fe8-5d91-4dc6-aa81-fb510be108bdn%40apereo.org.
