On Tue, 2006-04-04 at 21:58, jdow wrote: > > Another good guide is: > > > > Enforce changing of passwords on at least a monthly basis. > > Do not permit re-use of old passwords. > > Experience indicates that people rotate sets of four or five passwords > in that case. How do you prevent re-use without keeping plain text or reversibly encrypted copies of the old ones laying around waiting to be stolen? -- Les Mikesell lesmikesell@xxxxxxxxx
