Designing A Password Policy; Password Policy Attributes; Password Change After Reset - Netscape DIRECTORY SERVER 6.01 - DEPLOYMENT Deployment Manual

Designing a Password Policy

A password policy is a set of rules that govern how passwords are used in a given
system. The password policy mechanism provided by Directory Server allows you
to dictate such things as how short a password must be and whether users can
reuse passwords. When users attempt to bind to the directory, the directory
compares the password with the value in the password attribute of the user's
directory entry to make sure they match. Directory Server also uses the rules
defined by the password policy to ensure that the password is valid before
allowing the user to bind to the directory.

Password Policy Attributes

This section describes the attributes you set to create a password policy for your
server. The attributes are described in the following sections:
• User-Defined Passwords
•

Password Change After Reset

• Password Expiration
• Expiration Warning
• Password Syntax Checking
• Password Length
• Password Minimum Age
• Password History
• Password Storage Scheme
Password Change After Reset
The Directory Server password policy lets you decide whether users must change
their passwords after the first login or after the password is reset by the
administrator.
Designing a Password Policy
Chapter 7 Designing a Secure Directory 129