Re: strong passwords

From: Cary Shultz [A.D. MVP] (cwshultz_at_mvps.org)
Date: 01/20/05 

Date: Wed, 19 Jan 2005 19:24:54 -0500

Ryan,

It is not so cold here in lovely Roanoke, VA as in Chicago, IL but we still
have in the low low 30s and upper 20s during the day. Our little guy doesn
ot quite know how to react when I take him outside! 

-- 
Cary W. Shultz
Roanoke, VA  24014
Microsoft Active Directory MVP
http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com
"Ryan Hanisco" <rhanisco@flagshipis.com> wrote in message 
news:Os7v6Tn$EHA.2788@TK2MSFTNGP15.phx.gbl...
> 10-20 seconds??  That's a bit quick, but I completely believe you.  Maybe
> you hang out with a tougher crowd than I do?
>
> I have seen a user forget a 6 character password in 10-20 seconds though.
>
> -- 
> Ryan Hanisco
> MCSE, MCDBA
> Flagship Integration Services
>
> PS: Hello to Herb and Cary from the frozen tundra of Chicago.  I hope your
> days are warmer than mine.
>
> "Herb Martin" <news@LearnQuick.com> wrote in message
> news:%23Y4uirQ$EHA.3368@TK2MSFTNGP15.phx.gbl...
>> I also would say that trying for secure passwords
>> shorter than 15 characters is a futile effort.
>>
>> I have personally seen 14 character, semi-complex
>> passwords broken in 10-20 seconds on demand.
>>
>> -- 
>> Herb Martin
>>
>>
>> "Cary Shultz [A.D. MVP]" <cwshultz@mvps.org> wrote in message
>> news:ublViJP$EHA.2156@TK2MSFTNGP10.phx.gbl...
>> > Flavio,
>> >
>> > In addition to what Ryan and Herb ( Howdy, Guys! ) have stated I would
>> > suggest that you have a minimum password age of at least 10 days.  Why?
>> > Because without a minimum password age your smarter users will quickly
>> find
>> > out that they can change their password xx number of times ( in your
> case,
>> > 14 ) in rapid succession to get back to their favorite password.  Thus,
>> your
>> > password policy will not really be that effective.  With 10 days as the
>> > minimum password age most - hopefully all! - users will have given up!
>> >
>> > I would also suggest that you contact the MS PSS and get the fix ( for
>> > free ) and install it on all of your computers ( Domain Controllers,
>> Member
>> > Servers, Workstations ) as your users will most likely NOT come up with
> a
>> > password that will met with the complexity requirements.  This will
> result
>> > in an error message that is quite generic and not very informative.
> With
>> > this hot fix the users will be given an error message that spells out
>> > exactly what they need to do ( assuming that they read it! ).
>> >
>> > Here is the link:
>> >
>> > http://support.microsoft.com/?id=821425
>> >
>> >
>> > You might also want to take a look at this MSKB Article:
>> >
>> > http://support.microsoft.com/?id=309799
>> >
>> > -- 
>> > Cary W. Shultz
>> > Roanoke, VA  24014
>> > Microsoft Active Directory MVP
>> >
>> > http://www.activedirectory-win2000.com
>> > http://www.grouppolicy-win2000.com
>> >
>> >
>> >
>> > "Flavio Alves" <FlavioAlves@discussions.microsoft.com> wrote in message
>> > news:3454A86B-CEC4-4463-969F-C0A302B86C69@microsoft.com...
>> > > In my company , we are applicating strong passwords and i have the
>> > > following
>> > > consiguration
>> > > - enforce password history = 12
>> > > - maximum password age = 90 days
>> > > - minimum password age = 0
>> > > - minimum password lenght = 6
>> > > - password must meet complexity ... = disable
>> > > - store passwords using .... = disable
>> > > Now , after changes will to stay of following form .
>> > > - enforce password history = 14
>> > > - maximum password age = 45 days
>> > > - minimum password age = 0
>> > > - minimum password lenght = 8
>> > > - password must meet complexity ... = enable
>> > > - store passwords using .... = disable
>> > >
>> > > What´s the impact in my ambient, that  will occur with all 
>> > > workstation
>> im
>> > > my
>> > > company ?
>> > >
>> >
>> >
>>
>>
>
>
Loading