Quote:
Originally Posted by computersavvy
My bank does the same.
|
At my job, we still have the policies on the complexity of passwords. But like I told you, when I asked for some root passwords I almost went flat on my back.
It seems like a good idea to have a tool that evaluates the complexity of the password at the beginning of 'creating' it, but when we already have an infrastructure with more than 4k servers it is more complex.
I wanted to do a quieter job and audit the server from my side but it looks like I will have to audit the keys directly with the corresponding area.