Hi Alpha Gurus,
Specs: Alpha 1000, DU 4.0b (not yet patched)
I have been asked to find a way to get our users to give themselves better
passwords. C2 is *not* something I am allowed to consider. Our UNIX
consultant tried to implement a program we found on the Internet called
Password Plus, but when we tried to activate it we found that Popper was
going to require changes as would all of my user account creation scripts.
Since this wasn't a happy solution, I'm reduced to having to look for
something like Cracker.
My first question is:
1) Does anyone have a version of Cracker (or something similar) they can
recommend and what are the dangers/pitfalls (if any) in using this
approach? (We have roughly 2000 accounts--but only about 400 have direct
access to the system.)
Another solution that was suggested to me is to put a one-way firewall in
place that would prevent access from outside but would allow those on the
inside to get out (ftp files, etc.).
So...my second question is:
2) Does anyone have a (simple?) firewall product to recommend that would
accomplish this task.
Your collective wisdom will be greatly appreciated!!! I'll be sure to
summarize.
PS: If any of you from academia would care to share your password policies
with me, I'd love to know what your approach is. Our Alpha is *only* used
for E-mail, BTW. I'm coming from Industry (where password security is a
way of life) and I'm a bit baffled by the resistance I'm running into on
this issue.
Cheers,
Debby Quayle
-------------------------*---------------------------
Debbora (Debby) Bartel Quayle
Asst. Dir.ITS, Technical Support Services/
Help Desk & E-mail Administration
Information Technology Services Department
Hamilton College (315) 859-4031 dquayle_at_hamilton.edu
-------------------------*---------------------------
Received on Tue Oct 07 1997 - 16:17:13 NZDT