On Jan 17, 2008, at 3:54 PM, John Hascall wrote: > This is, indeed, a restriction. If you need more, you need to change > the code and recompile, etc.
No code here. I'll have to use that as en excuse to get an exception. > > In any event, unless you also set a minimum password lifetime, you > can't guarantee a no reuse in a year anyway (I could change my > password > 12 times in 12 minutes). I have that covered. > > <soapbox> > I realize that these sorts of password rules are often externally > dictated, > but it's not clear to me (or many others) that they actually have a > positive > effect on security). > </soapbox> <heckle> Let me know when you convince non-technical security auditors. </heckle> > > > John > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos