Re: minimum number of days between password change
Hi, Ron:
On Monday 01 November 2010 18:49:01 Ron Johnson wrote:
[...]
> If someone learns my password on day 2, they have full access to my
> account for 74 days, or I must beg for SysAdmin help?
>
> "Minimum number of days" isn't a very bright idea.
It is, for a low minimum number.
The rationale is to avoid the user reusing passwords: Ok, so my password is
12345678 and I must change it now? Let's do it: 87654321; but immediately I
change back again.
So if the minimum change time is about a week, it takes about the same effort
to learn the new password than to change it back.
Cheers.
Reply to: