Re: [Fed-Talk] Re: Local account password policies
Re: [Fed-Talk] Re: Local account password policies
- Subject: Re: [Fed-Talk] Re: Local account password policies
- From: Michael Kluskens <email@hidden>
- Date: Tue, 21 Sep 2004 10:45:35 -0400
On Sep 20, 2004, at 9:10 PM, Shawn Geddis wrote:
On Sep 10, 2004, at 1:34 PM, Seyberth Allan R Contr AFRL/VSIO wrote:
Is it possible to natively force all local passwords on 10.3 to be
strong - ie 9-14 characters with complexity and non-repeat options?
As noted by others, Mac OS X v10.3.x does not provide Password Policy
Enforcement on Local Accounts.
Then again, you are part of Air Force which is part of DoD and
everything is suppose to be using Smart Cards (CAC) right ?
Is there a general rule where Passwords are still being used in place
of Smart Cards or other hardware tokens ?
-Shawn
CAC's are only being used for Signing and encrypting email and
accessing private web sites. There is an additional requirement for
network logins to be PKI enabled (this is also something OS X 10.3
can't do). I haven't been able to find any requirement in the DOD or
DON directives for local desktop logins to be restricted to CAC cards
and certainly not at the site were I work. On top of that CAC cards
are not practical on small networks not connected to the DOD networks.
For logins into desktop machines we are required to change passwords
every 3 months and required to use passwords that contain upper & lower
case & numbers & symbols. Windows can enforce this requirement, OS X
10.3 can not, that creates a problem.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden