Hello Rob,

Am 19.02.2024 um 14:33 schrieb Rob Berendt <robertowenberendt@xxxxxxxxx>:

One problem I've seen with NOT requiring a password change is that eventually people become paralyzed with fear of the ramifications of changing their password.

This is an interesting remark. Never heard of this before. I guess from a user's point of view, this shouldn't be much different compared to changing his Windows Active Directory password?

One prime example is a shared Windows administrator account at one company I know of.

This isn't a pure "user" case, but a combination of bad practice (shared account) and lack of process documentation (who/what uses this account). For this case, I agree with you and would force a change. Yes, things can be disrupted by that but that's the price to pay for accumulating technical debt over time. :-)

Even though they've had turnover and some of the people who knew it have long been gone.


And that is the main point against using shared accounts with passwords. Admins often know a way in. And when they have been treated badly by the former employer, some of them seek revenge. It's really interesting how blue-eyed some managers just hope there will be no wrongdoing. 🙈🙉🙊

:wq! PoC


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.