1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Server
  5. NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
  6. Deployment manual

Password Length; Password Minimum Age; Password History; Password Storage Scheme - Netscape DIRECTORY SERVER 7.0 - DEPLOYMENT Deployment Manual

Hide thumbs
Table of Contents

Advertisement

Designing a Password Policy
By default, password syntax checking is turned off.

Password Length

The Directory Server allows you to specify a minimum length for user passwords.
In general, shorter passwords are easier to crack. You can require passwords that
are from 2 to 512 characters. A good length for passwords is 8 characters. This is
long enough to be difficult to crack but short enough that users can remember the
password without writing it down.
By default, no minimum password length is set.

Password Minimum Age

You can configure the Directory Server not to allow users to change their
passwords for a time you specify. You can use this feature in conjunction with the
passwordHistory
Setting the password minimum age (
instance, prevents a user from repeatedly changing his password during a single
session to cycle through the password history and reuse an old password once it
is removed from the history list. You can specify any number from 0 to 24,855
days. A value of zero (0) indicates that the user can change the password
immediately.

Password History

You can set up the Directory Server to store from 2 to 24 passwords in history, or
you can disable password history, thus allowing users to reuse passwords.
If you set up your password policy to enable password history, the directory
stores a specific number of old passwords. If a user attempts to reuse one of the
passwords the Directory Server has stored, the directory rejects the password.
This feature prevents users from reusing a couple of passwords that are easy to
remember.
The passwords remain in history even if you turn the history feature off. This
means that if you turn the password history option back on, users cannot reuse
the passwords that were in the history before you disabled password history.
The server does not maintain a password history by default.

Password Storage Scheme

The password storage scheme specifies the type of encryption used to store
Directory Server passwords within the directory. You can specify:
152
Netscape Directory Server Deployment Guide • October 2004
attribute to discourage users from reusing old passwords.
passwordMinAge
) attribute to 2 days, for

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT

Related Content for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT

This manual is also suitable for:

Netscape directory server 7.0

Table of Contents