I just wanted to ask a brief question about passwords.
I have access to about 10 SAP systems in my work at the moment, and all of
them require a password, and these passwords all expire after 60 days. This
will happen at random times depending on when I actually try to logon. So I
have the potential of having 10 different passwords. And I get locked out of
the system after 3 bad password tries (as sysadmin I can unlock myself, but
it's a pain, and also as sysadmin, I need to unlock other people all the
time).
My question is, Why is automatic password expiry a good idea?
It's a pain, and encourages bad password management. I'll probably log onto
each system every 60 days and set them all to the same one.
/Robert