Re: Password Policy best Practice...




Hi Bill:

I recommend that you use pass phrases instead of passwords. They are easier to remember, easily modifiable, and virtually unbreakable.

There is a limitation in Windows that up to 15 characters the password can be extracted from the database.

http://en.wikipedia.org/wiki/LM_hash

More than that, it is both too complex for attack and cannot be extracted from the database. Therefore I recommend "passwords" such as:

My Team 36 Your Team 24!!

My Car is Red *.*

I use the "same" pass phrase on every server that I administer. Same because I can simply think about where I am and the name of the company and the password is self-evident in the context of the place.

Company + Location + 8 weird characters.

The weird characters could easily be incremented on a 30, 60 or X day schedule as no one would forget that they were 120 and now they are 121 in the numerical part of the passphrase. I can argue that a 15+ position pass phrase is unbreakable, especially if you institute a lockout policy, but changing it on a regular schedule is still a good idea.

-Larry



"bill" <bill@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:518B6862-B07A-4779-B737-D517C319097B@xxxxxxxxxxxxxxxx
Hi,

We use Remote Web Access on SBS2003. Is there a Microsoft recommendation
for the time between required password changes?
