Re: [IUG] Password Aging, Anyone?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Date: Fri, 8 Dec 2006 13:47:21 -0500 (EST)
- From: "Byron C. Mayes" <bcmayes at temple dot edu>
- Subject: Re: [IUG] Password Aging, Anyone?
Would you (or anyone else) have such a script available and
willing to share?
I'm definitely looking for an automated method as we don't
have staff exclusively dedicated to the ILS (like most larger
places). That's combined with desktop support and I'm not
willing to sacrifice my department's workflow any more than
that of any other.
Thanks for the replies. If anyone has any other ideas, keep
On 12/8/06 12:29 PM, "Kyle Banerjee" <kyle dot banerjee at gmail dot com>
>> We check Pass and Auth in Millennium (Admin--Passwords and
>> Authorizations) for the date the password was last changed.
Our head of
>> Systems sends e-mail to those who have a password older
than 3 months.
> I would expect that many staff will just set up a junk mail
> the reminder or quickly discover that if they ignore it, nothing
> The only way to guarantee that the password is changed is to
> expire it. Although ugly, this could be accomplished by an
> script that randomly generates passwords for all the users
> People need to be informed of their new passwords quickly or
> cripple your workflow. As a result, you'll probably have to
> them via email along with instructions on how to change them to
> something else.
> <soapbox>Don't worry about the security implications of sending
> passwords via cleartext in email. No one can remember
> constantly change (especially "secure" ones), so you're
> guaranteed that staff will write them down on post it notes.
> passwords written on paper doesn't concern auditors, an email
> containing one shouldn't either</soapbox>
> Kyle Banerjee
> Oregon State Library
> 250 Winter ST
> Salem, OR 97301-3950
> kyle dot banerjee at state dot or dot us | http://alptown.com
> This message was distributed through the Innovative Users
Group INNOPAC list
> Public replies: INNOPAC at innopacusers dot org
> Update your subscription options:
Byron C. Mayes, MLS
Head, Library Systems and Technology
Temple University * Philadelphia, PA
bcmayes at temple dot edu
Listowner: BLACK-IP, The Black Information Professionals' Network