- From: Leif Johansson <leifj@it.su.se>
- Date: Fri, 10 Aug 2007 20:04:06 +0200
- To: Henrik Nordstrom <henrik@henriknordstrom.net>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Henrik Nordstrom wrote: > On fre, 2007-08-10 at 17:11 +0200, Leif Johansson wrote: > > >> I'm not sure If you meant that as a good or bad thing :-) A large >> set of users never "just" decide to change their passwords as >> anyone who has operated a large user store with several keys >> per user (eg a kdc). >> > > Quite many have password aging enabled, requiring users to periodically > change their password. > > I can only speak from my operational experience with such things - I've never found password aging good or fast enough when needing to deploy a new keytype/enctype.
Received on Friday, 10 August 2007 18:03:51 UTC