Procedures, policies and constraints on password entry, lifetime, change, strength, and storage. An essential part of access management, together with policies on other forms of authentication.
Questions tagged [password-management]
154 questions
3
votes
4 answers
Password Manager, integrated with Active Directory
We have several passwords and key phrases that we need to store in a central place. However, we need to protect this information so others cannot access it.
Our thoughts are to have a password manager that integrates with active directory. By…
Clarence Klopfstein
- 183
- 1
- 7
3
votes
3 answers
Good ways to disseminate login information, especially when new users are created?
When you create user logins in bulk, with set passwords as many users are unlikely to change their passwords, how do you disseminate the information?
Students in our school division are automatically assigned a username and password after…
Clinton Blackmore
- 3,510
- 6
- 35
- 61
3
votes
5 answers
How can I use fetchmail (or another email grabber) with OSX keychain for authentication?
Many fetchmail tutorials I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers [***silly example:* if my terminal is up and someone suspecting such email foolery slides over…
bias
- 225
- 3
- 13
2
votes
0 answers
SSH disconnects on changing expired password
I enabled password expiration on my Debian 8 server and today my password expired.
When I login through SSH, the server forces me to change my password now. I had to enter the old password, specify a new password and also confirm my new…
TrustedCreeper
- 21
- 5
2
votes
1 answer
Postfix + Dovecot with MySQL backend: md5-hashed passwords and CRAM-MD5 auth
My question
What are the risks of switching from MD5 to CRAM-MD5 passwords in the database, especially considering the following, and how to approach that for an existing installation (provided I know the plain text passwords)?
With (switching to)…
Izzy
- 349
- 4
- 19
2
votes
3 answers
Unable to change domain password even if the password is complex
I have a problem with users not being able to change their passwords.
When they try to change the password, they get this error:
"Your new password does not meet the length, complexity, or history requirements of your domain. Try choosing a…
user2629636
- 752
- 5
- 19
- 38
2
votes
1 answer
Password reset fails for end users when minimum password age set for more than 0 days
Our Help Desk has been resetting user passwords with "user must reset password at next logon" for years.
Recently reset default domain policy for "minimum password age" from 0 days to 5 days.
Now when Help Desk resets user password with user must…
Larwills
- 21
- 1
- 1
- 2
2
votes
1 answer
Token error when trying to change password through pam-mysql
I am currently preparing a machine for a web hosting service, and I decided to use MySQL to store all our users (since the rest of our services use it already). For that, I am using libnss-mysql and pam-mysql. However, even though most of the setup…
John WH Smith
- 341
- 4
- 18
2
votes
0 answers
Deploy RDWeb on a non-default website
I have a public website and a private site set up like below:
Public site: samplesite.com (http)
Private site: my.samplesite.com (https)
I'm trying to use RDWeb to enable users to change Active Directory passwords by following this…
JJLL
- 121
- 3
2
votes
1 answer
Best practice for assigning passwords in a company
I work in a small company and have been spending a lot of time optimizing our network. Our security system is, sadly, abysmal, seeing as no one ever really took care of it. So I'm looking for an all-around solution for password assignment and…
Merritt6616
- 43
- 4
2
votes
0 answers
Where do you store shared secrets used in building VMs dynamically (phoenix servers)?
We use vagrant to spin up linux VMs for dev, testing, and evaluation servers for our software. Most often, devs are using linux from VMs inside an AD-connected windows7 box.
The configuration of the servers happens through puppet manifests. Our…
JCii
- 121
- 2
2
votes
2 answers
Is it wise to use very secure password for sudo users when using SSH Keys for server login?
I am not asking how to do anything here, rather trying to understand best practices and the "right" way to handle server security. To prevent brute force password attacks, I have secured my server in a number of ways, one of which being password…
JM4
- 1,104
- 3
- 18
- 29
2
votes
1 answer
Privileges for resetting password, changing password, unlocking account, and read profile
I have made a service that has the capability to reset, changes passwords, unlock a locked out account, and read AD profile values (e.g. sn, firstname etc) of some domain user after the user verifies himself through phone. On the target domain…
Hassan Gulzar
- 171
- 1
- 2
- 5
2
votes
2 answers
Masquerade as User in Enterprise Windows Environment
In a large Enterprise Windows Environment. What do IT people do to login as a user if needed? It seems impossible to me to keep user passwords in a large environment. In a Mac environment, you have the option to masquerade as a user and login using…
Untalented
- 323
- 1
- 4
- 14
2
votes
3 answers
Should I create a password for a user if they only will be using ssh key authentication?
I am adding a new user account (to a CentOS 6.2 box) which will only use ssh key authentication (with a strong key passphrase of course). I have disabled ssh password auth in sshd_config.
Should I even use passwd to setup a password for them? Is…
ericvg
- 170
- 6