Re: Politics user problem

Steven Schweda · ‎12-15-2009

> Users should be able to use words in
> combination with numbers to create
> something memorable.

I agree. However, few people these days have
only one password to remember, and
remembering many good passwords may be more
difficult than remembering one. Every
organization gets to set its own policy, but
choosing an optimal password lifetime is, I
claim, not a trivial problem.

Everything's complicated.

Nick W · ‎12-16-2009

re users having to remember multiple passwords & sticky notes...

One solution is for users to use a Password Vault Application - I use KeePass, which also has approval by my IT organisation.

Main Advantage is that users can then apply more rigorous passwords for individual accounts, which can then be made unique - so should a password ever be compromised/discovered, then the damage limitation can be more effective (alternative scenario is that a very few passwords are used all over - which increases the risk for damage in the event of compromise/password discovery...)

Hope it helps

Nick 'dubya'

Eli Daniel · ‎12-16-2009

The option SAM "Modify Security Policies..." "Password Aging Policies.."

if this disable, the password never expire?

Note: view attachment

Patrick Wallek · ‎12-16-2009

Correct.

Eli Daniel · ‎12-16-2009

patrick one last question, according to the attachment as it is the actual expiration time of this password 90 days or 180 days? I do not understand these options attachment

Vishu · ‎12-16-2009

Hi Eli,

90 days refers that your password will get expired after 90 days and 180 days in your attachment says that even if you dont change your password after your password expiration time for another 90 days i.e. total of 180 days, your user account will get locked.

Eli Daniel · ‎12-16-2009

So this would be a bad practice?
Time Between Password Changes (days): 1
Password Expiration Time (days): 90
Password Expiration Warning Time (days): 7
Password Life Time (days): 180

the best practice should be:
Time Between Password Changes (days): 1
Password Expiration Time (days): 90
Password Expiration Warning Time (days): 7
Password Life Time (days): 90
this is correct?
I need is to force the user to change their password after 90 days
(with the single-user exepcion)

Eli Daniel · ‎12-16-2009

Thanks

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Politics user problem