IT follies - Herveus rambles
May 15th, 2012
03:59 pm

IT follies
Because of "heightened security", passwords now expire in 30 days instead of 90.

Oooookay.

The system nags you about a "soon to expire" password for the last 14 days of the period.

Oooookay.

That means that either you change your password every two weeks to shut it up, or you have to affirmatively dismiss the warning, which, by the way, causes the authentication dialog to reappear in the browser. And that will be happening two weeks out of four. Brilliant.

I'm having a hard time seeing how this enhances anything other than irritation on the part of users.

This entry was originally posted at http://herveus.dreamwidth.org/107461.html. Please comment there using OpenID.

Current Mood: cranky

Comments
 
From: cormac
Date: May 15th, 2012 08:09 pm (UTC)
Mission accomplished!
From: northernwalker
Date: May 15th, 2012 08:21 pm (UTC)
Not to mention confusion for the poor person who's got to remember the new password- again.
From: math5
Date: May 15th, 2012 08:55 pm (UTC)
Just put a post-it on your screen :)
From: northernwalker
Date: May 16th, 2012 01:06 am (UTC)
That should make security's head explode nicely. ;)
From: goldsquare
Date: May 15th, 2012 09:20 pm (UTC)
Of course, one cannot re-use passwords, and they must follow certain patterns that LOWER their information content and make them more guessable.

IT people need to read the research on password policies.
From: suzilem
Date: May 15th, 2012 11:38 pm (UTC)
Yeah, including LENGTHENING the damn things. I'm on a first-name basis with the poor first level support guy on the help desk who resets passwords. :-) (As an extra special benefit, if we flumble finger three times, not only is our machine locked out, even after the help desk unlocks it and resets the password, we can't log in and have to go to another desk, log in, and reset the password to "another" new password.) Luckily, ours has only been cut back to 60 days.
From: herveus
Date: May 16th, 2012 01:16 am (UTC)
I should add that this won't have so much effect on those at the office. Those of us who have to connect to the intranet to check company email, or do our daily time cards have to deal with this.

The note that warned us of the change also said that we were to change our passwords and to make the new one "markedly different" from the old one. That's certainly not being enforced programmatically. DAMHIKT.

From: dragonazure
Date: May 16th, 2012 01:40 pm (UTC)
You guys have only just NOW started the 30-day cycle? I've been on that for *ages*.

But yeah, the two-week notice is just stupid--unless you have a lot of people who tend to not log in for a week at a time. It may have made some sort of sense on a 90-day cycle, but not for a 30-day cycle. A more reasonable compromise is a set number of "grace" logins at the end of the password change time period before the system locks you out.
From: jpgsawyer
Date: May 16th, 2012 06:00 pm (UTC)
You are not the only one. I have been to places that do this... result is less security, but you try telling that to the idiots that actually made the decision. I tell you they don't know anything about anything!

It's very very annoying to do that. I never understood why there is a 14 day reminder anyway; it's not like you get kicked off the system if you don't change your password in those 14 days... you just have to change the password when you log in after the 14 days!
From: rlg
Date: May 18th, 2012 03:02 am (UTC)
My job does 90 days/14 days warning. Despite that, we still get calls to re-set passwords because the person in question hasn't "checked webmail in about 4 months, why?"
From: catelongley
Date: November 2nd, 2012 12:07 pm (UTC)
Before doing some Removals, be sure that you have advised the owner before doing anything on their things. This is the best way to ensure the safety of the things that they store in the facility.