Thursday 27 May 2:30pm
Location: 1320 Digital Computer Lab
 |
|
 |
|
|
|
Location: 1320 Digital Computer Lab
Speaker: Thomas Kula
Title: Managing Suck: Kerberos Password Quality at the University of Michigan
Abstract:
Having a password quality policy is really a balancing act between two distinct yet equally painful types of suck:
In the Fall of 2009 Information and Technology Services at the University of Michigan deployed a plug-in framework to allow complex password quality decisions to be made on the kadmin server at password change time.
This talk will briefly focus on the technical aspects of the framework, and then discuss the messy, non-technical aspects of having a password quality policy: developing a policy, dealing with user feedback and interacting with legacy software. It will end with a discussion of the usability of password policies, what they are good for and where they fall short.
Slides: PDF