[unisog] Password Expiration Policy

Joshua Krage jkrage at guisarme.us
Mon Oct 15 01:56:47 GMT 2007


On Fri, Oct 12, 2007 at 09:28:20AM -0400, Ian Lazerwitz wrote:
> I would like to get some information for my management regard a password
> expiration policy.  General University management has reservations about
> putting a policy like this in place.  Please take the time to answer the
> following questions.

In the interest of a counter-argument:
    <http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/>

That said, nearly every audit or review of security policy will hilight the
need for such a policy.  And after the fifth time the same account is hit by
a password guesser, patience is slim. :)



More information about the unisog mailing list