Answer the question
In order to leave comments, you need to log in
N
N
NM2019-05-23 19:06:34
NM, 2019-05-23 19:06:34
Do you store domain user passwords?
Do you store AD user passwords?
If yes, why? If not, why not?
3 answer(s)
@x-Ice
@CityCat4
@POS_troi
I
Ivan Shumov, 2019-05-23 @x-Ice
no, this is against security rules + there is a rotation of passwords, so they become obsolete. in practice, you should only have a temporary password when issuing an account to a new employee or in case of recovery. no need to store it
C
CityCat4, 2019-05-23 @CityCat4
What for?
An ordinary domain user has nothing that he could hide from the admin with this password. And the program settings in his profile still need to be done in his presence.
T
TyzhSysAdmin, 2019-05-23 @POS_troi
It makes no sense to store user passwords somewhere, and even more so to generate them yourself.
Is there a policy in the system for the length and complexity of the pass, did the user forget the password? We put a random one and check the "require change" checkbox, the user logs in and changes the password within n minutes, has not logged in and has not changed, blocking the account at all.
How to deliver a temporary password to the user is already from the category of policies adopted in the organization.
Similar questions
D
M
C
Capitollium2021-04-20 13:28:26
What to do with a local user account when typing into a domain?
2Reply
S
D
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question