Re: strong passwords
From: Ryan Hanisco (rhanisco_at_flagshipis.com)
Date: 01/19/05
- Next message: Ryan Hanisco: "Re: Active directory error"
- Previous message: BCE: "Re: Active directory error"
- In reply to: Herb Martin: "Re: strong passwords"
- Next in thread: Herb Martin: "Re: strong passwords"
- Reply: Herb Martin: "Re: strong passwords"
- Reply: Cary Shultz [A.D. MVP]: "Re: strong passwords"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 19 Jan 2005 16:19:42 -0600
10-20 seconds?? That's a bit quick, but I completely believe you. Maybe
you hang out with a tougher crowd than I do?
I have seen a user forget a 6 character password in 10-20 seconds though.
-- Ryan Hanisco MCSE, MCDBA Flagship Integration Services PS: Hello to Herb and Cary from the frozen tundra of Chicago. I hope your days are warmer than mine. "Herb Martin" <news@LearnQuick.com> wrote in message news:%23Y4uirQ$EHA.3368@TK2MSFTNGP15.phx.gbl... > I also would say that trying for secure passwords > shorter than 15 characters is a futile effort. > > I have personally seen 14 character, semi-complex > passwords broken in 10-20 seconds on demand. > > -- > Herb Martin > > > "Cary Shultz [A.D. MVP]" <cwshultz@mvps.org> wrote in message > news:ublViJP$EHA.2156@TK2MSFTNGP10.phx.gbl... > > Flavio, > > > > In addition to what Ryan and Herb ( Howdy, Guys! ) have stated I would > > suggest that you have a minimum password age of at least 10 days. Why? > > Because without a minimum password age your smarter users will quickly > find > > out that they can change their password xx number of times ( in your case, > > 14 ) in rapid succession to get back to their favorite password. Thus, > your > > password policy will not really be that effective. With 10 days as the > > minimum password age most - hopefully all! - users will have given up! > > > > I would also suggest that you contact the MS PSS and get the fix ( for > > free ) and install it on all of your computers ( Domain Controllers, > Member > > Servers, Workstations ) as your users will most likely NOT come up with a > > password that will met with the complexity requirements. This will result > > in an error message that is quite generic and not very informative. With > > this hot fix the users will be given an error message that spells out > > exactly what they need to do ( assuming that they read it! ). > > > > Here is the link: > > > > http://support.microsoft.com/?id=821425 > > > > > > You might also want to take a look at this MSKB Article: > > > > http://support.microsoft.com/?id=309799 > > > > -- > > Cary W. Shultz > > Roanoke, VA 24014 > > Microsoft Active Directory MVP > > > > http://www.activedirectory-win2000.com > > http://www.grouppolicy-win2000.com > > > > > > > > "Flavio Alves" <FlavioAlves@discussions.microsoft.com> wrote in message > > news:3454A86B-CEC4-4463-969F-C0A302B86C69@microsoft.com... > > > In my company , we are applicating strong passwords and i have the > > > following > > > consiguration > > > - enforce password history = 12 > > > - maximum password age = 90 days > > > - minimum password age = 0 > > > - minimum password lenght = 6 > > > - password must meet complexity ... = disable > > > - store passwords using .... = disable > > > Now , after changes will to stay of following form . > > > - enforce password history = 14 > > > - maximum password age = 45 days > > > - minimum password age = 0 > > > - minimum password lenght = 8 > > > - password must meet complexity ... = enable > > > - store passwords using .... = disable > > > > > > What´s the impact in my ambient, that will occur with all workstation > im > > > my > > > company ? > > > > > > > > >
- Next message: Ryan Hanisco: "Re: Active directory error"
- Previous message: BCE: "Re: Active directory error"
- In reply to: Herb Martin: "Re: strong passwords"
- Next in thread: Herb Martin: "Re: strong passwords"
- Reply: Herb Martin: "Re: strong passwords"
- Reply: Cary Shultz [A.D. MVP]: "Re: strong passwords"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
