On 11/29/07, Lan Barnes <[EMAIL PROTECTED]> wrote: > > > On Thu, November 29, 2007 7:01 am, Carl Lowenstein wrote: > > On Nov 29, 2007 6:07 AM, Todd Walton <[EMAIL PROTECTED]> wrote: > >> What security could there be in requiring passwords to be at least a > >> day old before you can change them? > > > > At the very least, it keeps you from changing your password and > > immediately changing it back to its previous value. > > > > carl > > > > Our password aging system prevents reuse 10 passwords deep. I find it > easier to do 5 sequential keys and three sequential digits and then write > it down. Presently using yuiop321 in some placse, qazxsw123 in others. > > The minimum age combined with the length of the password history make it so a password cannot be reused within a given period of time. Say you keep 26 passwords in the history, and have a minumum age of 2 weeks, this will not let you use the same password for a minimum of a year.
-- JD Runyan -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
