Quoting Florin Iucha (florin at iucha.net): > Do you know what will this guarantee? That in less than 30 seconds by > looking under the monitor, under the desk and the top drawer you will find > the post-it with the last 5 passwords. > > Bob, when was the last time you changed you house keys? Got me there. > Your office keys? In March. > Your office alarm code? Every month. > Give me a break. Get a clue, then I'll give you a break. Read any security whitepaper and you'll see password aging is recommended. I could have been real anal and said session password, ala a token card, that expires every 30 mins. Password aging for a normal user, yes, a postit on the monitor might happen. But a normal user doesn't have access to much data. A postit note on the monitor of an admin or user with privileges, that should never happen. -- Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 http://www.mn-linux.org, Minnesota, Linux | Fax : (952)943-8500 http://www.tcwug.org, Minnesota, Wireless | Coding isn't a crime. Fingerprint: 02E0 2734 A1A1 DBA1 0E15 623D 0036 7327 93D9 7DA3