
	Home > Ask the Domino Experts > Questions & Answers > How can I set password expiration without locking out accounts?

Ask The Domino Expert: Questions & Answers

EMAIL THIS

How can I set password expiration without locking out accounts?

EXPERT RESPONSE FROM: Mathew Newman

		Pose a Question

		Other Domino Categories

		Meet all Domino Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 15 June 2005
Several years ago we enabled Check Password in each user's person document, but did not specify a required change interval. We are now running 6.5.2 and using policies, but still have Check Password enabled in the person documents. Now we need to set a password expiration of 90 days for all users. When I create a security policy and apply it to a user who has not changed their password within the last 90 days, their account is locked out until they change their password, which is not the desired result. How can I set password expiration without locking out accounts? I've tried removing the password digest and changing the "last change date" to today and the users still need to change their password before they can access the server.

This will happen as the security policy is applied to the users for the first time. I have come across this issue, where -- like you -- password checking had been in force and was now "superceded" by the security policy settings.

The first time the policy is invoked, the security policy will check the last password date, which appears to come from the notes.id file rather than from the person document, as you have indicated. If the last change date is greater than 90 days, then the security policy settings are applied.

In my experience, if you are going to implement security settings via policy documents, it is best to remove the previous process -- that is, standard password checking through the Domino Directory -- and then apply the security policy once password checking (i.e., Domino Directory, "Actions" menu, "Set Password Fields," "Don't Check password") has been disabled.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Lotus Notes Domino Password Management
	An introduction to ID Vault in Lotus Notes/Domino 8.5
	How to manage passwords to secure Lotus Notes/Domino environments
	An introduction to Lotus Notes password options and essentials
	Secure Lotus Notes 8 with the Internet password lockout feature
	Lotus Notes Domino password management tips
	Cracked users' HTTP passwords still a threat on many Lotus Notes R6 and R7 domains
	Multiple new Sober variants spy on passwords
	Resetting a Lotus Notes password
	FAQ: Lotus Notes Domino password issues
	Hashing out stronger password authentication

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Lotus Notes Domino on Blackberry and mobile devices

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 1999 - 2009, TechTarget \| Read our Privacy Policy