Скачать в pdf «Network+»

Be careful not to lock yourself out. With many network operating systems, only administrators can reset passwords. If you are the administrator and you lock yourself out, only another administrator can unlock your account. If you are the only administrator, you have a problem. Many NOS vendors do have solutions to this problem, but the solution will cost you.

Password Expiration

Passwords, even the best ones, do not age well over time. Eventually someone will guess or crack a password if it never changes. The impact of someone guessing your password is reduced—even if a password is guessed—if passwords are set to expire after a certain amount of time. After this time (which varies and can be set by the administrator), the old password is considered invalid, and a new one must be specified. This new password is valid until it expires and another password must be specified.

Most organizations set up passwords to expire every 30 days. After that, users must reset their passwords immediately or during the allotted grace period. Some systems give the user a few grace logins after the password has expired. As the administrator, you should limit this grace period to a number of times or days.

Each network operating system specifies a password expiration period. If your organization’s policy states that users must change their passwords every 30 days, check to see if your operating system is enforcing that. For example, in NetWare the default expiration date is every 40 days and therefore might need to be changed.

Unique Passwords and Password Histories

In older versions of many network operating systems, users could reset their passwords to their original form after using an intermediary password for a while. More recent network operating systems prevent this practice by using password histories.

Скачать в pdf «Network+»