[colug-432] password survey

Brian bnmille at gmail.com
Fri May 2 20:30:17 EDT 2014


Due to a major re-organization at work, we are reviewing and/or
implementing some new security policies.  I personally think some of the
proposed policies are not going to help security at all.  So I thought I
would take a survey to see what policies/practices are in place at other
businesses.  These are specific to UNIX/Linux systems.  Active Directory
users need not respond.

1.  How long do your passwords need to be?  Are you required to have
non-alphabetic characters?  How many passwords do you have to cycle through
before you can re-use a password?  Do you have a centralized authentication
system?  If you don't have centralized authentication, can you use the same
password on all UNIX/Linux systems?

2.  How often do you need to change passwords?  Do you have any policy
which allows exceptions to the password change frequency?

3.  If you are allowed to use public keys, are you required to replace your
keys on some sort of schedule?

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20140502/15b79117/attachment.html 


More information about the colug-432 mailing list