Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

RE: Ethics of Passwords

by lindex (Friar)
on Aug 15, 2000 at 16:30 UTC ( #27908=note: print w/replies, xml ) Need Help??


in reply to Ethics of Passwords

Well the last ISP I worked for maintained a pretty simple
policy for passwords that worked out well.
We randomly generated them all and never stored them.
Sure the users didnt like weird long passwords but they never
complained much after we explained to them how much that improves security.
so its easy:
  • Randomly generated a password on account creation
  • If password is lost, match secret phrase (mother maiden name, etc ..)
    and reset it with another randomly genereated password.
  • Make sure have a explanation on your page as to why you password policy is secure.



lindex
/****************************/ jason@gost.net, wh@ckz.org http://jason.gost.net /*****************************/

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://27908]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (4)
As of 2022-12-02 09:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?