On Tue, Jan 29, 2008 at 04:43:16PM +1100, Les Bell wrote:
>
> Frank Cox <theatre at sasktel.net> wrote:
>
> >>
> I have never understood this. If I have a good, strong password that nobody
> knows, how is changing it to another one an improvement over what I already
> have?
> <<
>
> Correct. Modern thinking is to teach people how to create a good, strong
> password and then stick with it for a longer period than has traditionally
> been the case. A rainbow tables attack against a captured hash can be done
> in just a few seconds, so unless you're prepared to change your password
> every few seconds, it's a futile gesture.
>
> Because most sets of rainbow tables cover all combinations of upper/lower
> case alpha, numeric and punctuation symbols, a strong password should
> contain at least one control character, a composed character (using the
> Alt+numpad technique) or some other non-printable character outside the
> rainbow tables set. Or use two-factor authentication (RSA SecurID or
> similar tokens, certificates, etc.).
>

Thinking about the above made me ask the following question:

Is it possible to set up CentOS to ask for a change of password every month?

Thanks

Alfredo The Sauce