Maybe it's time to reopen the discussion on password aging and password
strength. netID for everything opens the issues that Stef is talking about.
In my opinion:
- netID passwords should expire annually
- netID passwords should be subjected to some type of strength analysis
I think we shouldn't expire passwords more frequently than annually,
since that would just encourage people to write them on stickynotes and
put them on their monitors.
Stefanie Ploof wrote:
> Oh Chris, I thought at least you would share my concern. Am I the only
> one who gets that strangely unsettled feeling that we are changing all our
> services to use the same ID and password? I know it's too late to stop
> the train, but I get sick to my stomach over the idea that people share
> passwords like candy so now if someone knows a calendar password they know
> the email password, Active Directory password, etc. etc.
Tech Support Group, Computing & Information Technology
The University of Vermont