OpenAFS logo

May 24-28, 2010

University of Illinois at Urbana-Champaign logo

Thursday 27 May 2:30pm

Location: 1320 Digital Computer Lab

Speaker: Thomas Kula

Title: Managing Suck: Kerberos Password Quality at the University of Michigan


Having a password quality policy is really a balancing act between two distinct yet equally painful types of suck:

In the Fall of 2009 Information and Technology Services at the University of Michigan deployed a plug-in framework to allow complex password quality decisions to be made on the kadmin server at password change time.

This talk will briefly focus on the technical aspects of the framework, and then discuss the messy, non-technical aspects of having a password quality policy: developing a policy, dealing with user feedback and interacting with legacy software. It will end with a discussion of the usability of password policies, what they are good for and where they fall short.

Slides: PDF