1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Server
  5. NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
  6. Deployment manual

Password Change After Reset; User-Defined Passwords - Netscape DIRECTORY SERVER 7.0 - DEPLOYMENT Deployment Manual

Hide thumbs
Table of Contents

Advertisement

Designing a Password Policy
Password Storage Scheme

Password Change after Reset

The Directory Server password policy lets you decide whether users must change
their passwords after the first login or after the password is reset by the
administrator.
Often the initial passwords set by the administrator follow some sort of
convention, such as the user's initials, user ID, or the company name. Once the
convention is discovered, it is usually the first value tried by a hacker trying to
break in. In this case, it is a good idea to require users to change their passwords
after such a change. If you configure this option for your password policy, users
are required to change their password even if user-defined passwords are
disabled. (See "User-Defined Passwords," on page 150, for information.)
If you choose not to allow users to change their own passwords, administrator
assigned passwords should not follow any obvious convention and should be
difficult to discover.
By default, users do not need to change their passwords after reset.

User-Defined Passwords

You can set up your password policy either to allow or not to allow users to
change their own passwords. A good password is the key to a strong password
policy. Good passwords do not use trivial words—any word that can be found in
a dictionary, names of pets or children, birthdays, user IDs, or any other
information about the user that can be easily discovered (or stored in the directory
itself).
Also, a good password should contain a combination of letters, numbers, and
special characters. Often, however, users simply use passwords that are easy to
remember. This is why some enterprises choose to set passwords for users that
meet the criteria of a "good" password and not allow the users to change the
passwords.
However, assigning passwords to users takes a substantial amount of an
administrator's time. In addition, by providing passwords for users rather than
letting them come up with passwords that are meaningful to them, and therefore
more easily remembered, you run the risk that the users will write their
passwords down somewhere where they can be discovered.
By default, user-defined passwords are allowed.
150
Netscape Directory Server Deployment Guide • October 2004

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT

Related Content for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT

This manual is also suitable for:

Netscape directory server 7.0

Table of Contents