Password History Policy Question
Dennis Putnam
dennis.putnam at aimaudit.com
Fri Jan 18 08:29:38 EST 2008
On Jan 17, 2008, at 3:54 PM, John Hascall wrote:
> This is, indeed, a restriction. If you need more, you need to change
> the code and recompile, etc.
No code here. I'll have to use that as en excuse to get an exception.
>
> In any event, unless you also set a minimum password lifetime, you
> can't guarantee a no reuse in a year anyway (I could change my
> password
> 12 times in 12 minutes).
I have that covered.
>
> <soapbox>
> I realize that these sorts of password rules are often externally
> dictated,
> but it's not clear to me (or many others) that they actually have a
> positive
> effect on security).
> </soapbox>
<heckle>
Let me know when you convince non-technical security auditors.
</heckle>
>
>
> John
>
More information about the Kerberos
mailing list