One place I was at that made everyone change their password *weekly*…monthly I could understand, but weekly? I think everyone in IT who could do this, did this.
Monday’s helpdesk tickets often were users locking themselves out. Changed their password the Friday before, then forgot the new one over the weekend.
Cyclic password change requirement is a PITA, both for users and admins. On top of that it does more to lower the security than help it. Users tend to stick new passwords on sticky notes on their monitors, or use the same password+number etc. Changing once a year should be enough, assuming one does have a good, long and complex password and keeps it safe. Also: for Linux servers it’s best to just disable password login and just use ssh keys.
Which is why we enforce both password history and minimum password age policies. Want to go back to your old password? Sure, go right ahead. It’s only gonna take you seven weeks to get your old password back, m’fer. Muahahahahahaha
![No Admin Ever Does This, Right? [comic]](https://i0.wp.com/faildesk.net/wp-content/uploads/2012/12/no_never_done_this.jpg?fit=640%2C945&ssl=1 "No Admin Ever Does This, Right? [comic]")
via [unknown]
Passwords must meet complexity they said, it’ll be secure they said…
One place I was at that made everyone change their password *weekly*…monthly I could understand, but weekly? I think everyone in IT who could do this, did this.
Monday’s helpdesk tickets often were users locking themselves out. Changed their password the Friday before, then forgot the new one over the weekend.
Cyclic password change requirement is a PITA, both for users and admins. On top of that it does more to lower the security than help it. Users tend to stick new passwords on sticky notes on their monitors, or use the same password+number etc. Changing once a year should be enough, assuming one does have a good, long and complex password and keeps it safe. Also: for Linux servers it’s best to just disable password login and just use ssh keys.
Well, no. Here is powershell script for changing password 25 times and then to first password. http://pastebin.com/99M4wVmu
Which is why we enforce both password history and minimum password age policies. Want to go back to your old password? Sure, go right ahead. It’s only gonna take you seven weeks to get your old password back, m’fer. Muahahahahahaha