Re: [IUG] Password Aging, Anyone?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Date: Fri, 8 Dec 2006 13:47:21 -0500 (EST)
- From: "Byron C. Mayes" <bcmayes at temple dot edu>
- Subject: Re: [IUG] Password Aging, Anyone?
Kyle,
Would you (or anyone else) have such a script available and
willing to share?
I'm definitely looking for an automated method as we don't
have staff exclusively dedicated to the ILS (like most larger
places). That's combined with desktop support and I'm not
willing to sacrifice my department's workflow any more than
that of any other.
Thanks for the replies. If anyone has any other ideas, keep
'em coming.
Byron
On 12/8/06 12:29 PM, "Kyle Banerjee" <kyle dot banerjee at gmail dot com>
wrote:
>> We check Pass and Auth in Millennium (Admin--Passwords and
>> Authorizations) for the date the password was last changed.
Our head of
>> Systems sends e-mail to those who have a password older
than 3 months.
>
> I would expect that many staff will just set up a junk mail
filter for
> the reminder or quickly discover that if they ignore it, nothing
> happens.
>
> The only way to guarantee that the password is changed is to
actually
> expire it. Although ugly, this could be accomplished by an
expect
> script that randomly generates passwords for all the users
every 90
> days.
>
> People need to be informed of their new passwords quickly or
you will
> cripple your workflow. As a result, you'll probably have to
distribute
> them via email along with instructions on how to change them to
> something else.
>
> <soapbox>Don't worry about the security implications of sending
> passwords via cleartext in email. No one can remember
passwords that
> constantly change (especially "secure" ones), so you're
pretty much
> guaranteed that staff will write them down on post it notes.
If goofy
> passwords written on paper doesn't concern auditors, an email
> containing one shouldn't either</soapbox>
>
> kyle
> **********************************************
> Kyle Banerjee
> Oregon State Library
> 250 Winter ST
> Salem, OR 97301-3950
> (503)378-5387
> kyle dot banerjee at state dot or dot us | http://alptown.com
> --
> This message was distributed through the Innovative Users
Group INNOPAC list
> Public replies: INNOPAC at innopacusers dot org
> Update your subscription options:
> http://innopacusers.org/mailman/listinfo/innopac
--
Byron C. Mayes, MLS
Head, Library Systems and Technology
Temple University * Philadelphia, PA
bcmayes at temple dot edu
Listowner: BLACK-IP, The Black Information Professionals' Network