Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] deadmanish login?

On 01/31/2017 01:56 PM, Kent Borg wrote:
> On 01/31/2017 11:30 AM, Grant NAPC wrote:
>> I think it's better to train them how to create those passwords on 
>> their own and then require them to change them so that should they 
>> reuse them elsewhere then they are only a concern for 90 days or 
>> whatever.
> I am not saying that forcing a password on users is good--I am 
> undecided...
> The problem with rotating passwords is how in hell to manage them. 
> Once upon a time, when hardly anyone had a password and those who did 
> had but a single password, it was easy. But now there are a lot.
> As a practical matter, how do you expect users to know their new 
> password if you make them change it every few weeks? Serious question.
Most businesses force password changes on their employees periodically, 
usually every 90 days. They also force standards like 8 characters, at 
least 1 lower and upper case and 1 number. I personally use lastpass to 
generate my random passwords with 12 characters. I personally prefer 
using RSA keys.

Jerry Feldman <gaf.linux at>
Boston Linux and Unix
PGP key id:B7F14F2F
PGP Key fingerprint: D937 A424 4836 E052 2E1B  8DC6 24D7 000F B7F1 4F2F

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /