[7042] in Kerberos
Re: Enforcing password policy
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Tue Apr 9 15:51:07 1996
Date: Tue, 9 Apr 96 15:23:38 EDT
From: Barry Jaspan <bjaspan@MIT.EDU>
To: Dennis Putnam <putnamd@atlodbs1.hayes.com>
Cc: kerberos@MIT.EDU
In-Reply-To: [7040]
Date: Tue, 9 Apr 1996 13:15:11 -0400 (EDT)
From: Dennis Putnam <putnamd@atlodbs1.hayes.com>
How are various password policies enforced?
Password changing is a function of the Kerberos administration system,
so the Kerberos admin server can enforce any variety of password
quality when the password is changed. However, the admin servers
currently contained in the MIT Kerberos distribution do not provide
such functionality. Most commercial Kerberos products (OpenVision
Technologies' and CyberSAFE's, for example) do.
I believe the MIT development team is aware that this is a serious
limitation and is working on a solution, but of course I cannot speak
for them.
Barry
