#2574 Perform regular inactive account prunings and possibly a password reset policy.
Closed: Fixed None Opened 9 years ago by ricky.

We should definitely do regular pruning of inactive accounts. We should also discuss whether we should implement a password expiration policy.

Note that this includes some of the service accounts that we have, like our various non-human FAS accounts, our bugzilla account, etc.

Also discuss adding password complexity requirements to FAS. We currently only have a min length requirement of 8 - what's a good line between enforcing good passwords vs. putting too many restrictions?

Sorry I'm turning this into a dumping ground of ideas - but need to audit what FAS should send emails on

We need FAS to email notifications on yubikey changes and password resets or changes of any kind.

sysadmin-cloud arjunroy
sysadmin-cloud hbrock
sysadmin-cloud lutter
sysadmin-cloud pmyers
sysadmin-cloud sheid
sysadmin-cloud slinabery
sysadmin-cloud sseago

sysadmin-dba mikeb

sysadmin-devel davivercillo
sysadmin-devel huzaifas
sysadmin-devel itbegins
sysadmin-devel ivazquez

sysadmin-hosted huzaifas
sysadmin-hosted jaxjax

sysadmin-main mikeb

sysadmin-noc badone
sysadmin-noc billchen
sysadmin-noc ggruener
sysadmin-noc huzaifas
sysadmin-noc jdieter
sysadmin-noc jorn
sysadmin-noc kanarip
sysadmin-noc rigeld2
sysadmin-noc sgrubb
sysadmin-noc sheid
sysadmin-noc wakko666
sysadmin-noc yingbull

sysadmin-spin maxamillion
sysadmin-spin sandeen

sysadmin-test akistler
sysadmin-test anujmore
sysadmin-test badone
sysadmin-test drak
sysadmin-test emichan
sysadmin-test huzaifas
sysadmin-test itbegins
sysadmin-test jhutar
sysadmin-test jtluka
sysadmin-test kanarip
sysadmin-test mapleoin
sysadmin-test marcelomgarcia
sysadmin-test matheo
sysadmin-test mbacovsk
sysadmin-test mganisin
sysadmin-test schendje
sysadmin-test zc00gii

sysadmin-tools huzaifas
sysadmin-tools santosp
sysadmin-tools tgalyean

sysadmin-web adrian
sysadmin-web akistler
sysadmin-web asgeirf
sysadmin-web badone
sysadmin-web glezos
sysadmin-web huzaifas
sysadmin-web ivazquez
sysadmin-web johnp
sysadmin-web jokajak
sysadmin-web jorn
sysadmin-web mbacovsk
sysadmin-web wakko666
sysadmin-web yingbull
sysadmin-web zoglesby

We decided to do prunings on sysadmin* groups per cycle. See:

As to a wider housecleaning on inactive accounts, perhaps we should ask the Board if this is something they would like us to do?

Login to comment on this ticket.