I my experience, if a user is suddenly (from the users point of view)
required to change their password, the new password will be a bad one.
Selecting a password that is both memorable and non-trivial requires
thought. The user will often write down the new password, rather than
risk forgetting it.
Why do you want to have the password age? If you are worried about
physical security (like someone watching the password be typed in),
changing a users password frequently will likely make it worse, as I
mentioned above. If you are worried about network snooping, changing
passwords only delays a cracker, and you should be using one-shots.
----- Begin Included Message -----
> >Has anyone attemped to modify the TIS authenticator software to age
> >passwords? We plan to do this soon, but rather than re-invent the
> We don't recommend using authentication technologies where
> your password might "age." -- Systems like S/key, where your
> passwords expire after each use, or systems like commercial challenge
> response or changing ID cards do not need to expire since the
> passwords are (effectively) nonrepeating.
I don't know here -- I've always believed that changing passwords
was important, even in systems where you don't actually pass them
With s/key, for instance, it is not a good idea to become too used to
one particular password for too long a time. Perhaps it's merely me,
but I find that after having one password too long, I tend to sometimes
slip up and type the wrong password at the wrong time. Changing passwords
on a regular basis keeps you from slipping up too much.
Additionally, if your password was somehow sniffed or otherwise
gotten-ahold-of (perhaps they watched you generate keys through the
keyhole?), changing one's password provides an added sense of
----- End Included Message -----