For all of the reasons discussed below, I thoroughly agree with the security guy.
Get your users used to it, and you'll have fewer problems overall. Kurt On Tue, Apr 28, 2009 at 08:39, Jeremy Anderson <jer...@mapiadmin.net> wrote: > The security guy is insisting that we set the Min Password Age to 1 day. I > agree in theory that this is a swell idea, but in practice, I think it will > be a disaster. > > > > We have users that forget their passwords every other day (Don’t ask) and > company politics that are going to let this bad habit continue. Admins > reset the password, and set the flag that says “Must change password on next > logon” > > > > I say, that the user will never get prompted to reset the next time they > login, or that changing it will fail, because the password is now less than > one day old. > > > > Security guy says “Not having that set is a bad idea, other companies do it, > make it happen” > > > > How do you guys deal with this? > > > > Thanks > > Jeremy > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~