<html><head></head><body><p dir="ltr">13 char with special chars and punch chars but no spaces; three; no we don't have any Linux/UNIX systems; never; N/A; no systems having keys. For what it's worth the server we have has no internet access and the company uses Time Warner's SonicWALL filtering system.</p>
<br><br><div class="gmail_quote">On May 2, 2014 8:30:17 PM EDT, Brian <bnmille@gmail.com> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div dir="ltr"><div><div><div><div>Due to a major re-organization at work, we are reviewing and/or implementing some new security policies. I personally think some of the proposed policies are not going to help security at all. So I thought I would take a survey to see what policies/practices are in place at other businesses. These are specific to UNIX/Linux systems. Active Directory users need not respond.<br />
<br /></div>1. How long do your passwords need to be? Are you required to have non-alphabetic characters? How many passwords do you have to cycle through before you can re-use a password? Do you have a centralized authentication system? If you don't have centralized authentication, can you use the same password on all UNIX/Linux systems?<br />
<br /></div>2. How often do you need to change passwords? Do you have any policy which allows exceptions to the password change frequency?<br /><br /></div>3. If you are allowed to use public keys, are you required to replace your keys on some sort of schedule?<br />
<br /></div>Thanks.<br /><br /></div>
<p style="margin-top: 2.5em; margin-bottom: 1em; border-bottom: 1px solid #000"></p><pre class="k9mail"><hr /><br />colug-432 mailing list<br />colug-432@colug.net<br /><a href="http://lists.colug.net/mailman/listinfo/colug-432">http://lists.colug.net/mailman/listinfo/colug-432</a><br /></pre></blockquote></div><br>
-- <br>
Sent from Kaiten Mail. Please excuse my brevity.</body></html>