I have a question regarding resetting the password token for a user account, then having the account timeout after inputting the default password. I have a laptop on my desk that we use as a loaner. The account assigned to this laptop has it's password token reset each time it is loaned out. The user who has it at the moment, said that she changed the password that we gave her, but for whatever reason, it was not working and she'd hit the timeout period of two minutes.
I had her bring the laptop to me and I reset the password token. I logged into Endpoint Encryption using our usual admin account and password, logged into Windows and did a synch. I could see in the synch log that the user account had a force password change coming up at next login. I rebooted, logged in using the account assigned and after inputting the default password that is used when a token is reset, I immediately timed out to 4 minutes.
In these circumstances, I will sometimes re-create the user account. Other times, once I am sure that all timeout periods have completed, I can reset the token a second time and things are fine. I'd like to figure out/understand why this occurs and is there something else that I should be doing instead of deleting and recreating the user account.
you should recreate the token, not reset it - reset preserves the history, retry count, failed attempts etc, so with a new user, you really want to clear that and start again.
so, create them a new token.
If it's a completely new user though, maybe you do want to recreate them - after all, why would you want the audit from one user to persist into anothers?
All good security guides would tell you to create a unique user for every person to make sure you had a proper audit trail.
Thanks for the reply. Our usual practice is to create a brand new password token. And I do recreate the account when necessary. Is it normal to re-create the account when needed?
no - I can't think of a good reason ever to recreate an account, well, perhaps if you fired someone, then hired someone different and gave them the same user id maybe..