Security Basics mailing list archives
RE: passwords
From: "Shanna Daly" <SDaly () securenet com au>
Date: Thu, 20 Feb 2003 08:58:21 +1100
Just been on a course and they drummed this into us "if its not in writing, don't do it". If you are going to run any network tool, make sure that you have permission in writing from the appropriate person. But aside from that, its true, if you badger them enough they will conform :) Shanna -----Original Message----- From: simsjs [mailto:sims () interex org] Sent: Wednesday, 19 February 2003 9:05 AM To: ullmic6; security-basics Subject: Re: passwords With this being said, you have to make sure that you will not get in trouble for running this crack on your users, check the security policy and make sure it is clearly stated there whether or not you have this right. If you do not have a security policy, you should create one (these are great for covering your rear). Also notify your manager what you are going to do and show him where the security policy says you have the right to do it. After a few times doing this, you will find that users would rather pick something to get you off their backs than to have to listen to your lecture every few months.
Current thread:
- Re: passwords, (continued)
- Re: passwords multics (Feb 19)
- Re: passwords jl (Feb 20)
- Re: passwords Ross Nelson (Feb 19)
- RE: passwords Tim V - DZ (Feb 19)
- Re: passwords eer7y3n0h (Feb 19)
- Re: passwords Chris Berry (Feb 19)
- RE: passwords Robinson, Sonja (Feb 19)
- RE: passwords Vince Dang (Feb 20)
- RE: passwords Chris Berry (Feb 20)
- Re: passwords Chris Berry (Feb 20)
- RE: passwords Shanna Daly (Feb 20)
- RE: passwords Trevor Cushen (Feb 20)
- Re: passwords Glen Mehn (Feb 20)
- RE: passwords Tim Heagarty (Feb 20)
- RE: passwords Högman, Lars (Feb 22)
- Re: passwords multics (Feb 19)