On Wed, Aug 28, 2002 at 07:22:31PM -0500, Bob Tanner wrote:
> Quoting Ben Bargabus (ben_b at ppdonline.com):
> > none of these people will dump their Windows environments because it's
> > "unsafe", they'll expect you to make it safe.  these are financial
> > people and are generally uncomfortable with change.). 
> 
> I'll speak up here. 

Me too.

> Simple example. Mandatory password aging. Every 30 days you expire all passwords
> and force the user to choose a new, non-dictionary, not-used-before password.
> Gonna have a change, every 30 days.

Do you know what will this guarantee? That in less than 30 seconds by 
looking under the monitor, under the desk and the top drawer you will find
the post-it with the last 5 passwords.

Bob, when was the last time you changed you house keys? Your office
keys? Your office alarm code?

Give me a break.

florin

-- 

"If it's not broken, let's fix it till it is."

41A9 2BDE 8E11 F1C5 87A6  03EE 34B3 E075 3B90 DFE4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020829/a43f6f6b/attachment.pgp