Re: Password History Policy Question

On Thu, Jan 17, 2008 at 02:54:47PM -0600, John Hascall wrote:[color=blue]
>
> <soapbox>
> I realize that these sorts of password rules are often externally dictated,
> but it's not clear to me (or many others) that they actually have a positive
> effect on security).
> </soapbox>
> [/color]
They don't. In fact, it has been demonstrated time and again that these
sorts of draconian policies have a negative effect on security.

--
Roberto C. Sánchez
[url]http://people.connexer.com/~roberto[/url]
[url]http://www.connexer.com[/url]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHj9RK5SXWIKfIlGQRAoAbAJ9CKfwY5HiPkES4ufShn6nUdJTFWwCeOl/b
vvBbFOatEUZFp/+D8LMBPFE=
=InAX
-----END PGP SIGNATURE-----