CA Directory provides the tools to let you change the attributes of passwords, for example, minimum password length, and to change the password encryption.
Passwords are encrypted before they are stored in the directory. This prevents the possibility of interrogating the directory directly for the value of any passwords.
Passwords are always single-valued. This means that an administrator cannot add a secret value and use this as an unpublished entry point into the DSA.
Password logins are secure only if each person can change only his or her own password. Ensure that you set access controls so that each user can update only their own password. Also, ensure that administrators are allowed to update any user password.
|
Copyright © 2013 CA.
All rights reserved.
|
|