On 7/22/2011 11:25 AM, Gregory Boyce wrote:
On Jul 22, 2011 11:22 AM, "Dave Close" <d...@compata.com> wrote:
>
> Dan Foster wrote:
>
> > - Periodic password changes
>
> I have never heard a reasonable explanation for this common policy. If
> you don't share passwords and block repeated failures, why does it help?
> More importantly, it generally forces people to write them down.

If a password is compromised in a non-obvious way, it provides a limit
on how long it could be used.

I find a good definition of 'periodic' is about 1 year. It minimizes the
writing down problem, and puts an upper bound on oopses and brute force
attempts.
_______________________________________________
Discuss mailing list
Discuss@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/