In doing some research on Password Recovery in 6.5.x, I came across this comment on the Notes/Domino 6 and 7 Discussion forum.

“Most security experts now agree that forcing periodic password changes doesn’t increase security – it just makes users more likely to forget or write down their passwords. Unfortunately, most corporate IT departments haven’t caught on yet. ;)”

This was posted by Dave Kern on 26.Apr.06 at 02:31 PM.

Then someone asked him about that very statement in the next post, and here is his response.

Posted by david, filed under Security. Date: May 29, 2008, 10:14 am

Finally, after suggesting it be done months ago, I was able to implement salted hash for the Internet password field in our directory.

Check this technote for details and other related technotes:
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21255244

This is configured in the Directory Profile (open the NAB, select Actions, Edit Directory Profile):
Set “Use More Secure Internet Passwords” to Yes.

This will be effective for any Internet passwords that are saved in the directory from that point forward.

You should also select each person document in the NAB and select Actions\Upgrade to more secure Internet Password.

Don’t ask why it took so long to enable this.
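To find the person documents that still need the upgrade action, here is an added example (not code from this post or from IBM) that classifies Internet password values from a directory export. It assumes a CSV export with `FullName` and `HTTPPassword` columns, and it assumes the unsalted format is 32 hex digits in parentheses while the salted format is 20 characters in parentheses starting with `G`; the sample rows are constructed.

```python
import csv
import io
import re

# Assumed HTTPPassword layouts (not stated in the post):
#   unsalted: "(" + 32 hex digits + ")"
#   salted:   "(G" + 19 more characters + ")"
UNSALTED = re.compile(r"^\([0-9A-Fa-f]{32}\)$")
SALTED = re.compile(r"^\(G[^()\s]{19}\)$")


def classify(http_password):
    """Return 'empty', 'unsalted', 'salted' or 'unknown' for one field value."""
    value = (http_password or "").strip()
    if not value:
        return "empty"
    if UNSALTED.match(value):
        return "unsalted"
    if SALTED.match(value):
        return "salted"
    return "unknown"  # a layout this script does not recognise; review by hand


def audit(export_text):
    """Group person names by hash format from a CSV with FullName,HTTPPassword."""
    report = {"empty": [], "unsalted": [], "salted": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(export_text)):
        report[classify(row.get("HTTPPassword"))].append(row["FullName"])
    return report


# Constructed sample export; names and hash values are made up.
SAMPLE_EXPORT = """FullName,HTTPPassword
Alice Example/Acme,(0123456789ABCDEF0123456789ABCDEF)
Bob Example/Acme,(GAbCdEfGhIjKlMnOpQrS)
Carol Example/Acme,
Dan Example/Acme,changeme
"""

if __name__ == "__main__":
    result = audit(SAMPLE_EXPORT)
    for name in result["unsalted"] + result["unknown"]:
        print("needs upgrade or review:", name)
    print({kind: len(names) for kind, names in result.items()})
```

Running it again after the upgrade action shows whether any unsalted values remain in the directory.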

Posted by david, filed under NAB, Security. Date: May 28, 2008, 10:17 am