[techtalk] password policy?
Nicole Zimmerman
colby at wsu.edu
Mon Jun 18 19:16:31 EST 2001
I am attempting to use Unix Services for Windows on an 2k/NT/linux
network. One of the warnings with the password synchronization services is
that the password policies must be the same or it is possible for linux to
accept the new password and windows to reject it on synch. I have never
done password policies in linux before.
What's the best way (IYHO) to do linux password policies? I think some of
this can be accomplished with cracklib. The policies need to at least
match, the unix one can be stronger than the windows policy (I don't think
the policy problem works both ways).
Our password criteria:
Different from last 5 passwords.
7 characters or more.
Fits 3 of the following 4 criteria:
Upper case letters
Lower case letters
Numbers
Special characters
Cannot contain username or full name (I don't know if the name part is
enforced).
Expire every 90 days.
All boxes using the password policies are current debian machines.
Ideas are appreciated :o)
-nicole
More information about the Techtalk
mailing list