This evening I was thinking about the various security measures put in place at work. Although I use Kubuntu on my desktop, our network is a Windows/Active Directory network.
The main thing I was thinking about was the password policy. Active Directory has been set up to force a password change every 30 days. Of course this means fun for me once a month, since I don't log in via Active Directory, and I only realise that my password has expired because I can no longer log into the bug tracker and I haven't had any new e-mails for two days.
This password-changing policy is supposed to be in the interest of increased security, but in practical terms it decreases security. Firstly, security needs to start at the door, not the desk, and secondly, such rapid changing of passwords only makes people use simple passwords, typically with an ever-increasing number at the end. At the same time, the passwords themselves are fairly insecure because, from what I can tell, they only need a minimum of one non-alphabetic character.
As a result of this silly password changing policy, you end up with security that is fairly trivial to circumvent. This is therefore hardly security at all.
My suggestion would be to scrap the password changing, and implement a better password policy. Increase the minimum number of characters to 8 and force at least one lowercase character, one uppercase character, one number and one non-alphanumeric character (such as a punctuation mark).
This way your users choose a sufficiently strong password, but are able to remember it through continued use. They also don't fall back on a system of ever-increasing numbers, because they are no longer forced to invent a new, memorisable password every month.
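As an added illustration of the policy proposed above (this is example code written for this post, not part of the original and not tied to any Active Directory setting), the checker below enforces the 8-character, four-class rule and also flags the "same password with the number bumped" pattern that forced rotation encourages. The function names and the sample passwords are constructed for the example.

```python
import re

# Policy from the post: at least 8 characters, and at least one lowercase
# letter, one uppercase letter, one digit and one non-alphanumeric character.
MIN_LENGTH = 8


def check_password_policy(password):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(not c.isalnum() for c in password):
        problems.append("no non-alphanumeric character")
    return problems


# Splits a password into (stem, last run of digits, non-digit tail), so that
# 'Welcome2!' becomes ('Welcome', '2', '!').  Passwords without a digit run
# do not match at all.
_LAST_NUMBER_RE = re.compile(r"^(.*?)(\d+)(\D*)$")


def is_incremented_reuse(old_password, new_password):
    """True if new_password is old_password with its last number increased by one.

    This is the 'Password1 -> Password2' habit a monthly-expiry policy creates;
    the check lets a defender reject such changes rather than pretend the
    password is new.
    """
    old = _LAST_NUMBER_RE.match(old_password)
    new = _LAST_NUMBER_RE.match(new_password)
    if not (old and new):
        return False
    same_shape = (old.group(1), old.group(3)) == (new.group(1), new.group(3))
    return same_shape and int(new.group(2)) == int(old.group(2)) + 1


def evaluate_change(old_password, new_password):
    """Combine both checks; returns the list of reasons the change should be refused."""
    reasons = check_password_policy(new_password)
    if is_incremented_reuse(old_password, new_password):
        reasons.append("only the trailing number changed from the previous password")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs for demonstration.
    for old, new in [("Welcome1!", "Welcome2!"), ("Welcome1!", "password2"),
                     ("Welcome9!", "Tr0ub4dor&3")]:
        print(f"{old!r} -> {new!r}: {evaluate_change(old, new) or 'accepted'}")
```

The regex deliberately looks at the last run of digits rather than only the final character, so a complexity-satisfying trailing punctuation mark ("Welcome2!") does not hide the increment.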
Thinking about these things got me thinking about how Microsoft has tried to make Windows more secure in recent years. The result: User Account Control, the single most irritating feature of Vista and 7. Even I, who have only ever used Vista on someone else's computer, found UAC to be highly irritating after using it for only 10 minutes.
But then how do Linux and other Unix and Unix-like operating systems get security right? Well, a few ways, but I think one of the most important things is that they don't make security get in the way of the user.
You see, from what I have observed of the Microsoft world, security tends to be placed in the hands of the users, and they have to pick it up and either use it or not use it. And what do the majority of users do? They throw security away because they don't want to deal with it.
In the *nix world, security tends to happen behind the scenes. All files have 3 levels of permissions, and file extensions have no real say in how the file is handled. When a user downloads a file, they are not prompted to confirm that they want to download it, and files are not executable by default, even if they have a .exe extension.
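To make the "behind the scenes" point concrete, here is an added example (written for this post, not taken from any project) that reads a file's three permission triplets straight from its mode bits and shows that a freshly written download is not executable no matter what its name ends in; it only becomes executable after an explicit chmod. The helper names are my own, and the file name `installer.exe` is a constructed sample.

```python
import os
import stat
import tempfile


def permission_triplets(mode):
    """Render the owner, group and other bits of an st_mode as three rwx strings."""
    classes = (
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
    )
    return tuple(
        ("r" if mode & r else "-") + ("w" if mode & w else "-") + ("x" if mode & x else "-")
        for r, w, x in classes
    )


def is_executable_by_mode(mode):
    """The kernel decides executability from these bits, not from the file name."""
    return bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))


def create_download(directory, name, data=b"MZ-not-really-a-program"):
    """Write a file the way a browser or fetch tool would: requested mode 0o666,
    which the umask then narrows.  No execute bit is ever requested."""
    path = os.path.join(directory, name)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o666)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def download_then_chmod(name):
    """Return (executable right after download, executable after chmod u+x)."""
    with tempfile.TemporaryDirectory() as d:
        path = create_download(d, name)
        before = os.stat(path).st_mode
        # The user has to opt in, the equivalent of `chmod u+x installer.exe`.
        os.chmod(path, before | stat.S_IXUSR)
        after = os.stat(path).st_mode
        return is_executable_by_mode(before), is_executable_by_mode(after)


if __name__ == "__main__":
    print(permission_triplets(0o644))            # ('rw-', 'r--', 'r--')
    print(download_then_chmod("installer.exe"))  # (False, True)
```

The extension-free decision is the whole point: `installer.exe` is just bytes on disk until someone with write access to it sets an execute bit, and the check in `is_executable_by_mode` is the same one the kernel applies at exec time.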
So what is the end result of all of this? Well, Windows has over 100000 viruses in the wild the last time I checked, and most of the 40 or so viruses for each of the *nix platforms are products of a CompSci lab. Did Microsoft's new UAC work? Not really.
Don't place security in the hands of your users, it's not going to work.