Hot Diggety! Dan Foster was rumored to have written:
>
> But when coupled with other steps such as:
[...]
>
> - Making users change their password (whether via pam_passwdqc +
> passwd or via a web page somewhere or via built-in capabilities)
Oops, that was incomplete. I *meant* to say this:
- Making users change their password (whether via pam_passwdqc +
passwd or via a web page somewhere or via built-in capabilities)
where there's a decent password *strength* checker with no
other way for users to subvert it (through other tools).
Our standards require password strength checking (for good reasons;
I've seen what passwords users choose without this -- instant
compromise), and beyond an initial grumbling when we transitioned the
user base to this approach, it's worked out well.
When users grumble, we give them simple tips for developing reasonable
passwords such as letters (1st letter of each word, or second, or
whatever) from a favorite movie or song phrase that only they themselves
know -- not something that a friend could guess. Then throw in
capitalization, punctuation, numbers somewhere.
Haven't seen any of these ever fail a password strength check or be
compromised, while avoiding the need to write down esoteric passwords
on a post-it note left on their monitor. It's a careful balance between
organizational security needs and the reality of supporting users.
-Dan
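As an added illustration of the strength check Dan refers to (example code, not pam_passwdqc's own): a simplified Python check modeled on passwdqc's "min=N0,N1,N2,N3,N4" rule, which sets a minimum length per number of character classes used, with the mnemonic-phrase tip from the post run through it. passwdqc's dictionary, substring and old-password comparisons are left out here.

```python
"""Simplified class-count / minimum-length check in the style of
pam_passwdqc's "min=" option.  Added illustration, not passwdqc code."""

# passwdqc's default policy is min=disabled,24,11,8,7: one class is
# disabled, two classes need 24 chars, three need 8, four need 7.
# (The 11-char passphrase rule is omitted; words are not modeled.)
DEFAULT_MIN = {1: None, 2: 24, 3: 8, 4: 7}


def char_classes(pw):
    """Count character classes (digit, lower, upper, other).
    As passwdqc does, an uppercase first character and a digit last
    character are discounted, so "Password1" counts as one class."""
    body = pw
    if body and body[0].isupper():
        body = body[1:]
    if body and body[-1].isdigit():
        body = body[:-1]
    classes = set()
    for ch in body:
        if ch.isdigit():
            classes.add("digit")
        elif ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        else:
            classes.add("other")
    return max(len(classes), 1)


def check(pw, policy=DEFAULT_MIN):
    """Return (accepted, reason) for a candidate password."""
    n = char_classes(pw)
    need = policy[n]
    if need is None:
        return False, "%d-class passwords are disabled by policy" % n
    if len(pw) < need:
        return False, "%d classes need %d chars, got %d" % (n, need, len(pw))
    return True, "ok"


def mnemonic(phrase):
    """The tip from the post: first letter of each word of a phrase.
    The user then mixes in case, punctuation and a digit by hand."""
    return "".join(word[0] for word in phrase.split())


if __name__ == "__main__":
    base = mnemonic("may the force be with you always and forever")
    for candidate in ("password", "Password1", base, "mtf,Bwy4aaf!"):
        print(candidate, check(candidate))
```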
_______________________________________________
Tech mailing list
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/