[Samba] Forcing Users to change passwords.
toddobryan at mac.com
Fri Dec 12 10:23:25 GMT 2003
Does anyone know of an add-on you can use with a Windows domain to
check the security of the password before it allows a change? With a
terminal server system I had, the server complained if the password was
too close to a dictionary word, too close to the student login, 7
digits (i.e., looked like a phone number), etc.
I'm sure my students (I teach high school, too) have picked really bad
passwords, too, but I have no good way to enforce the picking of good
On Dec 12, 2003, at 3:30 AM, Ross McInnes (Systems) wrote:
> i totally agree. unfortunatly my user base is mostly 16-18 year olds.
> getting them to put anything other than thier football team, phone
> or boyfriend/girlfriend's name is quite a task in it self.
> Many Thanks
> Ross McInnes
> On Wed, 10 Dec 2003, Todd O'Bryan wrote:
>> What's the latest research on this? I heard it's better to make users
>> pick something secure and stick with it, because if you force people
>> change, they're likely to pick less secure passwords and do stupid
>> things with them, like write them down or something. Changing every 3
>> months doesn't seem terrible, but it's still a big pain.
>> Todd O'Bryan
>> On Dec 10, 2003, at 8:28 AM, Ross McInnes (Systems) wrote:
>>> Recently we were audited and as part of that they looked at our
>>> and policies etc and produced a report.
>>> As part of that report they mentioned about forcing users to change
>>> passwords every 90 days or so.
>>> They also mentioned about disabling accounts after 3 login attempts.
>>> Im pretty sure both can be done on NT, but id rather stick with rh
>>> samba thanks ever so much.
>>> Can samba does these things? even if its a tinkering kind of job?
>>> Many thanks
>>> Ross McInnes
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba