cancel
Showing results for 
Search instead for 
Did you mean: 

Password policy for Policy Manager Console

Aspirant

Password policy for Policy Manager Console

Hi,

Is there a way to change password policy for F-Secure Policy Manager Console?

Password has to be 6 characters long now. I'd like to change it to 8.

 

Best,

Marcin

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Superuser

Betreff: Password policy for Policy Manager Console

Forcing long passwords with rules and codesets is something that is done for a standard lasy user.

As an administrator you KNOW better, so why don't you simply just use a PW rule you like even if it is not enforced? Nothing is bad in using a strong password where only a weak is requested!

If you have several administrators and don't trust them (?!) to use strong passwords, you can still enforce by linking to AD-Accounts and keep the main Admin PW to yourself or in a safe.

Finally please do not forget that anyone with access to the server is able to reset the admin password easily. As that is the real weak part, what is the sense in using strong passwords? Strong passwords and Strong encryption should be used where really needed not only because they look better!

 

my2ct
M.

Matthias
----------
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de

2 REPLIES 2
Highlighted
Superuser

Betreff: Password policy for Policy Manager Console

Forcing long passwords with rules and codesets is something that is done for a standard lasy user.

As an administrator you KNOW better, so why don't you simply just use a PW rule you like even if it is not enforced? Nothing is bad in using a strong password where only a weak is requested!

If you have several administrators and don't trust them (?!) to use strong passwords, you can still enforce by linking to AD-Accounts and keep the main Admin PW to yourself or in a safe.

Finally please do not forget that anyone with access to the server is able to reset the admin password easily. As that is the real weak part, what is the sense in using strong passwords? Strong passwords and Strong encryption should be used where really needed not only because they look better!

 

my2ct
M.

Matthias
----------
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de

Aspirant

Betreff: Password policy for Policy Manager Console

Except of what I KNOW better there are some paper politics in our company which describes recommendation for passwords in IT systems. We want to be compliance with it in case of inspections. Inspectors as the lazy persons prefer to IT systems having ability to check passwords strength than trusting users to use appropriate passwords.

Your malice wasn't necessary.


Thanks for answer anyway.