Designing a Password Policy

130 Netscape Directory Server Deployment Guide • January 2002

Often the initial passwords set by the administrator follow some sort of convention, such as the user’s initials, user ID, or the company name. Once the convention is discovered, it is usually the first value tried by a hacker trying to break in. In this case, it is a good idea to require users to change their passwords after an administrator reset. If you configure this option for your password policy, users are required to change their password even if user-defined passwords are disabled. (See “User-Defined Passwords,” on page 130 for information.)

If you choose not to allow users to change their own passwords, administrator-assigned passwords should not follow any obvious convention and should be difficult to discover.

By default, users do not need to change their passwords after reset.

User-Defined Passwords

You can set up your password policy to either allow or not allow users to change their own passwords. A good password is the key to a strong password policy. Good passwords do not use trivial words—that is, any word that can be found in a dictionary, names of pets or children, birthdays, user IDs, or any other information about the user that can be easily discovered (or stored in the directory itself).

Also, a good password should contain a combination of letters, numbers, and special characters. Often, however, users simply use passwords that are easy to remember. This is why some enterprises choose to set passwords for users that meet the criteria of a “good” password and not allow the users to change the passwords.

However, assigning passwords to users takes a substantial amount of an administrator’s time. In addition, by providing passwords for users rather than letting them come up with passwords that are meaningful to them and therefore more easily remembered, you run the risk that the users will write their passwords down somewhere where they can be discovered.

By default, user-defined passwords are allowed.

Password Expiration

You can set your password policy so that users can use the same passwords indefinitely. Or, you can set your policy so that passwords expire after a given time. In general, the longer a password is in use, the more likely it is to be discovered. On the other hand, if passwords expire too often, users may have trouble remembering them and resort to writing their passwords down. A common policy is to have passwords expire every 30 to 90 days.
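The three policy elements described above (a "good password" that avoids dictionary words and user-derived information and mixes character classes, a forced change after an administrator reset, and expiry after a fixed age) can be expressed as a small, testable checker. The following Python is an added example written for this page; it is not code from the Netscape Directory Server product or its documentation, and the function names, the tiny word list, the sample user record and the 90-day / 7-day thresholds are all constructed for illustration.

```python
"""Added example: password-quality and password-age checks modelled on the
policy guidance above. Not part of Netscape Directory Server."""
from datetime import datetime

# Constructed mini word list; a production check would load a full dictionary.
DICTIONARY = {"password", "welcome", "secret", "summer", "letmein"}


def user_derived_tokens(user):
    """Lower-cased fragments of user data that must not appear in a password:
    user ID, names, company, initials and birthdate digits."""
    tokens = {
        user["uid"],
        user["given"],
        user["surname"],
        user["company"],
        user["given"][0] + user["surname"][0],   # initials
        user["birthdate"].replace("-", ""),      # e.g. 19800101
    }
    return {t.lower() for t in tokens if len(t) >= 2}


def check_password(password, user, min_length=8):
    """Return a list of policy violations; an empty list means acceptable."""
    reasons = []
    lowered = password.lower()
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    for word in sorted(DICTIONARY):
        if word in lowered:
            reasons.append(f"contains dictionary word '{word}'")
    for token in sorted(user_derived_tokens(user)):
        if token in lowered:
            reasons.append(f"contains user information '{token}'")
    if not any(c.isalpha() for c in password):
        reasons.append("no letters")
    if not any(c.isdigit() for c in password):
        reasons.append("no digits")
    if not any(not c.isalnum() for c in password):
        reasons.append("no special characters")
    return reasons


def password_age_days(last_changed, now):
    """Whole days since the password was last set."""
    return (now - last_changed).days


def account_status(account, now, max_age_days=90, warning_days=7):
    """Classify an account at login time under the policy.

    must_change -> administrator reset the password and the user has not
                   yet replaced it (checked first, before any age rule)
    expired     -> older than max_age_days
    warn        -> within warning_days of expiring
    ok          -> nothing to do
    max_age_days=None models the "use the same password indefinitely" policy.
    """
    if account["must_change"]:
        return "must_change"
    if max_age_days is None:
        return "ok"
    remaining = max_age_days - password_age_days(account["last_changed"], now)
    if remaining <= 0:
        return "expired"
    if remaining <= warning_days:
        return "warn"
    return "ok"


# Constructed sample user record (hypothetical values).
SAMPLE_USER = {"uid": "jsmith", "given": "John", "surname": "Smith",
               "company": "Example", "birthdate": "1980-01-01"}


if __name__ == "__main__":
    for candidate in ("jsmith99!", "Summer2024!", "correcthorse", "T7#kq2Lw!p"):
        print(candidate, check_password(candidate, SAMPLE_USER) or "acceptable")
    acct = {"must_change": False, "last_changed": datetime(2002, 1, 1)}
    print(account_status(acct, datetime(2002, 4, 15)))
```

Running the module rejects the three weak candidates for the reasons the guide lists (user ID, dictionary word, missing character classes) and accepts the fourth; the age check reports an account last changed on 1 January 2002 as expired on 15 April 2002 under a 90-day maximum.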