
I used to receive almost daily request from people to reset their unix passwords, especially after the holiday season. The following policy has trimmed these down severely.
Please note that forgetting your password is an offense in my book, and I respond thusly:
First offense: I change your password to match your username, give you a warning and set it to autoexpire so you must change it on first logon.
Second offense: I change your password to the md5sum of your username. I check it the next day, with every subsequent day you haven’t hanged it, I add another random 32 characters generated through similar means..
Third offense: I change your password to the SHA256 has of your username. I check it the next day, with every subseuent day it’s unchanged, I add another 256 random characters generated through similar means, unless we reach maximum password length for the specific platform first.
Fourth offense: You get a R500 parking ticket and I proceed as on a third offense, except for another parking ticket per day as well (what ? You didn’t know your unix admin could do that ?)
Fifth offense: Final offense, you go “on an extended holiday to a country with no communications infrastructure whatsoever and is therefore unable to call any friends or family”. You never return. Your family treasures the letter from the peace core thanking them for your valiant death in the line of serving mankind. (Again ? You didn’t know your unix admin could do that either ?)