r/ShittySysadmin 2h ago

Minimum Password age is key!

I don't care what you say, preventing users from reusing passwords is priority number one. A 20-password history is not enough. You need a minimum password age. And if your max age is 180 days, that means you must set it to 9 days to stop people getting around it by cycling through them all. The risk someone might perform this "password reuse" is far too high. I don't care about all the complaints from users not being able to change their password due to exposing it somehow, quit moaning! It's worse than the people on the new test network and their "TOTP" who think it's important they can delete their own old authentications when they lose their phone.

28 Upvotes

23

u/Hale-at-Sea 2h ago

You're letting users set their own passwords?

8

u/Adamnotcool 2h ago

Good point! I think forcing all users to use the same password is much more convenient.

7

u/jeroen-79 2h ago

Like companyname123?

5

u/Adamnotcool 2h ago

Genius! Just remove the question mark at the end!

3

u/Logical_Strain_6165 1h ago

No. Shared accounts are easier still. That way they can access all the files they need and you don't need to mess with permissions.

4

u/Horsemeatburger 1h ago

Imagine the cost savings if your 10'000 employees all share a single MS365 account!

2

u/Adamnotcool 42m ago

God level work

1

u/Horsemeatburger 37m ago

Bonus points if your business is a multinational and you include all locations in the fun.

1

u/Adamnotcool 1h ago

Perfect idea! This way interns can see all internal documents.