Re: Password changes more than once per day

From: Charlie Fraser (fraserc_at_mail.montclair.edu)
Date: 02/11/04

  • Next message: Gene LeDuc: "RE: Password changes more than once per day"
    Date: Tue, 10 Feb 2004 19:06:48 -0500
    To: Bob Kelley <bob_kelley_jr@yahoo.com>
    
    

    Bob, IMHO even once a day is too often. Having this policy in place puts
    a natural check and balance to alert the security and IT staff that
    there may be a security problem. If a user needs to change their
    password more than once a week something is going on. What is the user's
    rational to this request? Just curious.

    Charlie

    Bob Kelley wrote:

    >Can someone please explain the security implications of allowing a user to change their password more than one time per day without involving an account administrator? What's the risk ?
    >
    >
    >
    >I specified the security requirement of not allowing a user to change their password more than once per day for an outsourcing project and I am being asked why. I could not remember my reasoning other than it's a requirement for microsoft security policies to ensure password history is enforced.
    >
    >
    >
    >Thanks!
    >
    >---------------------------------------------------------------------------
    >Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
    >
    >Protect your network with the comprehensive security solution that
    >integrates six applications for ease of use and lower TCO.
    >
    >Firewall - Virus protection - Spam protection - URL blocking - VPN
    >- Wireless security.
    >
    >Download 30-day evaluation at:
    >http://www.astaro.com/php/contact/securityfocus.php
    >----------------------------------------------------------------------------
    >
    >
    >

    -- 
    Charlie Fraser
    Systems Engineer MCSE, CCEA, A+
    Montclair State University
    973-655-7868
    fraserc@mail.montclair.edu
    ---------------------------------------------------------------------------
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.
    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.
    Download 30-day evaluation at:
    http://www.astaro.com/php/contact/securityfocus.php
    ----------------------------------------------------------------------------
    

  • Next message: Gene LeDuc: "RE: Password changes more than once per day"

    Relevant Pages

    • Re: ,net Users IIS
      ... I have for users but Bob is not one of them. ... With security trimmings on with a sitemap, ... you simply need to exclude the default page and login page from the mix. ... You can secure subdirectories with their own web.config while ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: ,net Users IIS
      ... I have for users but Bob is not one of them. ... With security trimmings on with a sitemap, ... you simply need to exclude the default page and login page from the mix. ... You can secure subdirectories with their own web.config while ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Why everyone uses envelopes but few encrypt emails?
      ... Bob is never going to check his own address, ... Marty still has to be eliminated. ... system with a glaring security hole you could ram a Dodge through. ... an enemy surveilling me and I had to get a secure message past him. ...
      (sci.crypt)
    • Re: NTLM authentication
      ... EventLog and watch the security events after each bind. ... This should fail because authentication will be done to the LOCAL SAM and you said BOB ... where domain is your logon domain and user a domain account. ... makes it possible for the Security Provider to make a distinction between a local account ...
      (microsoft.public.dotnet.languages.csharp)
    • Re: Firewall for VMS / TRU64
      ... >>security by providing an additional security layer on internal networks. ... >>It can prevent your site from receiving datagrams from certain networks ... >>Sorry Bob but TCPware don't agree with you either. ...
      (comp.os.vms)