Passwords and Password Phrases › Prevent Password Changing
Prevent Password Changing
The NEWPW option prevents users from changing their own passwords. The potential problems resulting from selecting the NU suboption are:
- The CA Top Secret security administrator must change all user passwords at the interval specified for each user
- The revised passwords must be communicated to the users at the specified intervals, risking regular compromise of password confidentiality
- If you choose to suppress password change intervals, password guessing has a greater chance of success because the user's password never changes
If you decide to prevent users from changing their own passwords and you enforce password change intervals for user ACIDs, develop a secure procedure for communicating passwords to your user community to ensure that only the appropriate user is receiving his own password.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|