Re: [IUG] Setting Password Policies

[Bob Duncan <duncanr at lafayette dot edu>]

At 12:03 AM 07/17/2008, Edward wrote:
> We have not yet established policies, as I am trying to determine 
> whether this options applied only to Millennium client logins, or 
> can it be applied to the 'initial'/password combination.  The manual 
> is not clear on this.  If anyone knows the answer, I would love to hear.  :)

It seemed clear to me that it applies only to logins, but in the 
absence of hard information I usually say "let's just turn the darn 
thing on and see what happens."  On our system, when you turn the 
darn thing on, this is what happens (YMMV):

-  The policies apply to Millennium logins only.
-  All existing logins were exempted from the policies after I turned 
it on.  You have to specifically "un-exempt" a login for the policies to apply.
-  When you create a new login, it is exempt from the policies by default.
-  If a manager changes a password for a login via "Edit Login", 
there's a checkbox to require the login to change the password on 
first use.  It appears that a manager-set password is not subject to 
the policies, but it's hard to tell for sure in light of the fact that...
-  ...most of the password composition policies don't work---only the 
minimum length and numeric character minimum were applied.  Forcing a 
change on first login works and the limit login setting works;  I 
haven't played with the expiration policy.

Let me stress that your mileage may vary---it's hard to believe that 
this feature got out of beta in such a flawed state, so it could be 
something funky with our system.

Bob "off to open a call" Duncan


~!~!~!~!~!~!~!~!~!~!~!~!~
Robert E. Duncan
Systems Librarian
Editor of IT Communications
Lafayette College
Easton, PA  18042
duncanr at lafayette dot edu
http://www.library.lafayette.edu/