Educause Security Discussion mailing list archives
Re: Password aging
From: Scott Bradner <sob () HARVARD EDU>
Date: Wed, 7 Jan 2004 19:43:37 -0500
I'm trying to get a sense on how many have a university-wide Password Policy
not here at Harvard (many many different systems) just installed (today) a quite restrictive password checker on the core university PIN system
Second, do any have a password aging rule?
latest research I've seen (see for example the new edition of the Bellovin firewalls book) says that forced password aging reduces not increaces security - i.e. its a bad idea Scott ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Password aging Seruya, Stewart (Jan 07)
- <Possible follow-ups>
- Re: Password aging Scott Bradner (Jan 07)
- Re: Password aging Gary Dobbins (Jan 07)
- Re: Password aging Tim Lane (Jan 07)
- Re: Password aging Brian Reilly (Jan 07)
- Re: Password aging Theresa M Rowe (Jan 08)
- Re: Password aging Jane Drews (Jan 08)
- Re: Password aging Paul Younker (Jan 08)
- Re: Password aging Dick Jacobson (Jan 08)
- Re: Password aging Paul Russell (Jan 08)
- Re: Password aging Jenny Gluck (Jan 08)
- Re: Password aging Scott Bradner (Jan 08)
(Thread continues...)