Password Reset

Tom Lane tgl at redhat.com
Tue Mar 10 01:07:43 UTC 2009


Kevin Kofler <kevin.kofler at chello.at> writes:
> Why don't we stop requiring these pointless password resets
> altogether?

+1 ... it's a demonstrated fact that forcing periodic password changes
does not improve security.  What it does do is force people to write
down their passwords so they can remember what's current.

The only passwords I can remember are the ones that I *don't* change
routinely.  Guess what, all the rest (including my Fedora one) are
written down.

			regards, tom lane




More information about the fedora-devel-list mailing list