Password security and the means of achieving it within a Novell environment'

Today, passwords are the primary means of authenticating to most computer systems. As a result, people are forced to remember an abundance of passwords, not only for their employer's directory services, email, and other applications, but also for some web sites they visit. Since they must remember a lot of passwords, it is likely that their password was chosen with simplicity in mind and can be easily guessed or cracked. A step towards maintaining security is breaking users of this habit and enforcing strong passwords. Account security is critical, especially for more privileged accounts, which can provide access to sensitive mission critical data, personal information, such as social security numbers, or financial information, like credit cards numbers or account access. This paper will focus on the need for password security and the various means of implementing and maintaining it within a Novell NDS / eDirectory environment. Securing the accounts in your directory involves a combination enforcing strong passwords, account lockout periods and security policies, in addition to providing the users with training. An additional security add-on called Novell Modular Authentication Services allows for definable password characteristics and multifactor authentication using smart cards, tokens, or biometrics.