Password Policies

If your users have insecure passwords, all the other security measures you might take may well be moot. Probably the most responsible thing you can do as the administrator of a FreeBSD system is to institute a password policy, requiring (or at least encouraging) your users to use passwords that cannot be easily guessed or decoded.

Users frequently find passwords inconvenient, and strict password policies doubly so. If allowed, a user will try to use his username, his telephone number, the server’s hostname, a word such as “password,” or strings of convenient-to-type characters, such as repeated letters or numbers. If you choose to expire users’ passwords after some period, the first thing a user will try, when prompted to choose ...

Get FreeBSD6 Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.