View Single Post
Old 10-12-2006, 08:12 PM   #5 (permalink)
jwcanada
Thumbs Must Hurt
 
jwcanada's Avatar
 
Join Date: Feb 2005
Location: Saint Louis
Model: 8830
Carrier: Sprint
Posts: 130
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

We use a 30 min timeout with a 6 character with no complexity required. We also put the "Owner" message when the device is locked to show the users name, company name, and a msg saying if found please contact our 800 number for our helpdesk. I thought there was no way in hell we would ever get an honest person to call. But funny thing in 3 yrs we have had 5 devices lost that the person that found it called our helpdesk. But when if comes to password policy you have to consider your business. You have to think that financial firms would have a much more strict policy than your avg company. So I don't think there is any wrong answer on the timeout of the password policy....as long as you enforce it.
__________________
~~Dazed and Confused~~
Offline