nanog mailing list archives
Re: AD and enforced password policies
From: Måns Nilsson <mansaxel () besserwisser org>
Date: Wed, 4 Jan 2012 10:03:28 +0100
Subject: Re: AD and enforced password policies Date: Tue, Jan 03, 2012 at 10:58:35PM -0600 Quoting Jimmy Hess (mysidia () gmail com):
Manual forced immediate password expiration should be in the security admin's toolbox as a possible response to observation of questionable or potentially remotely suspicious activity on a system that user had been logged into recently.
Indeed. If doubt arises, just change. Have been on the fringe of a kdc compromise. 10000 students and faculty were required to show up in person and change on approved terminals. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Wow! Look!! A stray meatball!! Let's interview it!
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Re: AD and enforced password policies, (continued)
- Re: AD and enforced password policies Michael Thomas (Jan 03)
- Re: AD and enforced password policies Måns Nilsson (Jan 03)
- Re: AD and enforced password policies Tim Franklin (Jan 03)
- Re: AD and enforced password policies Måns Nilsson (Jan 04)
- Re: AD and enforced password policies Randy Bush (Jan 03)
- Re: AD and enforced password policies Todd Underwood (Jan 03)
- Re: AD and enforced password policies Steven Bellovin (Jan 03)
- RE: AD and enforced password policies Jones, Barry (Jan 05)
- Re: AD and enforced password policies Gary Buhrmaster (Jan 03)
- Re: AD and enforced password policies Jimmy Hess (Jan 03)
- Re: AD and enforced password policies Måns Nilsson (Jan 04)
- Re: AD and enforced password policies Steven Bellovin (Jan 02)
- Re: AD and enforced password policies Lyndon Nerenberg (Jan 02)
- Re: AD and enforced password policies Steven Bellovin (Jan 02)
- Re: AD and enforced password policies Jimmy Hess (Jan 02)