cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Alan Buxey <alan.buxey AT gmail.com>
- To: Michael.Davies AT gowercollegeswansea.ac.uk
- Cc: eduroam CAT Feedback <cat-users AT lists.geant.org>
- Subject: Re: [[cat-users]] eduroam Issue
- Date: Tue, 11 Dec 2018 15:47:01 +0000
- Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
hi,
yes, unfortunately most mobile platforms have issues with stored profile passwords if the user has changed them - repeated failures to auth - usually remeied easily by just rejoining the
network after forgetting it (at that point, if not using a deployment tool such as eduroamCAT, the new connection will be without checking the RADIUS cert correctly).
so, use EAP-TLS certs instead (self-enroll using their current user/password to get a cert that is only for wireless) - Aruba clearpass etc etc
or maybe look at your password policy - why changing them every 3 months? the current security best practices is to ensure the password is strong and ONLY change it if
there is a reason to believe that its been compromised, use multi factor auth where possible etc.
alan
- [[cat-users]] eduroam Issue, Michael Davies (Infrastructure Mgr), 12/11/2018
- Re: [[cat-users]] eduroam Issue, Stefan Winter, 12/11/2018
- Re: [[cat-users]] eduroam Issue, Alan Buxey, 12/11/2018
- Re: [[cat-users]] eduroam Issue, IAM David Bantz, 12/11/2018
- RE: [[cat-users]] eduroam Issue, Michael Davies (Infrastructure Mgr), 12/12/2018
- Re: [[cat-users]] eduroam Issue, Tomasz Wolniewicz, 12/13/2018
- Re: [[cat-users]] eduroam Issue, IAM David Bantz, 12/13/2018
- Re: [[cat-users]] eduroam Issue, Tomasz Wolniewicz, 12/13/2018
- RE: [[cat-users]] eduroam Issue, Michael Davies (Infrastructure Mgr), 12/12/2018
- Re: [[cat-users]] eduroam Issue, IAM David Bantz, 12/11/2018
Archive powered by MHonArc 2.6.19.