Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!mit-eddie!genrad!decvax!decwrl!pyramid!prls!philabs!aecom!naftoli
From: naftoli@aecom.UUCP
Newsgroups: comp.unix.wizards
Subject: Re: How do you manage multiple /etc/passwd files?
Message-ID: <905@aecom.UUCP>
Date: Mon, 16-Feb-87 15:41:28 EST
Article-I.D.: aecom.905
Posted: Mon Feb 16 15:41:28 1987
Date-Received: Tue, 17-Feb-87 22:53:54 EST
References: <2253@felix.UUCP> <286@desoto.UUCP>
Organization: Albert Einstein College of Medicine, NY
Lines: 25
Summary: Password aging is a cloudy issue

In article <286@desoto.UUCP>, shz@desoto.UUCP (S. Zirin) writes:
> In addition, you should probably use password aging to 
> require your users to change their passwords periodically.

It has been debated whether password aging is a useful security
measure.  Some cons:

1. People who are forced to change their passwords in order to
   log on tend to think of some quick and dirty password which
   will be easy to remember.  It has been shown that systems that
   have password aging had the simplest passwords of all.

2. It confuses novice users to be thrown into the passwd(1)
   command upon login.

3. Users often forget their new password increasing the administrative
   hassle.

I believe this was discussed in a paper distributed with some UNIX
releases entitled "On the Security of UNIX."
-- 
Robert N. Berlinger
Systems Analyst, Scientific Computing Center		Compuserve: 73047,741
Albert Einstein College of Medicine			Easylink:   62956067
UUCP: ...{philabs,cucard,pegasus,rocky2}!aecom!naftoli	GEnie:	    R.Berlinger