On 10/11/2019 2:24 AM, Dave Horsfall wrote:
On Thu, 10 Oct 2019, Nemo wrote:
Some (large) companies regularly run password
crackers on their
employees' passwords and inform them if their passwords are found
"insufficiently strong to protect company assets".
An ex-employer of mine (not the reason I left) used to do just that.
Good, bad, distasteful, prudent, off-topic?
Depends :-)
-- Dave
And when I was an instructor and sysadmin at Pyramid, I caught a
co-worker with a SUID ksh binary named "..." "hidden under his home
directory in a directory named "..." because su took too long. Yeah and
su had logging. Thank you COPS. Not that I distrusted him -- but when
you share sysadmin duties there are things thatshouldn't be done.
Bill