[Samba] Password Policy - how to reduce password complexity
Neal Murphy
neal.p.murphy at alum.wpi.edu
Sat Mar 2 23:09:47 MST 2013
On Sunday, March 03, 2013 12:25:49 AM Gregory Sloop wrote:
> IMO, for most of my mid-to-smaller clients, I disable password
> complexity requirements. I also disable the "can't reuse passwords for
> 4675 years. (sarcasm)"
I take this one step further for small offices--without IT staff--where pretty
much everyone knows everyone's business. *I* dream up mnemonic passwords based
on what they do and what the business does. Staff members easily remember the
passwords and the business admin keeps the list in an inaccessible location in
a password-protected spreadsheet along with all the internet passwords they
use to purchase equipment and supplies and renew licenses. The main benefits:
- They use reasonably strong passwords
- They remember the passwords
- I can log in as them when they have access problems
- When someone leaves, needed internet accounts are continued with a
mere email/name/password change
I periodically change all the passwords, but not frequently. Staff have better
things to do than having to memorize a new password whenever they sneeze.
I also put wireless outside the firewalled office LAN and require employees to
use openVPN to access the protected LAN from wireless or internet (they're
really the same). But I digress.
More information about the samba
mailing list