Re: Password Policy best Practice...




Hi Bill:

I recommend that you use pass phrases instead of passwords. They are easier to remember, easily modifiable, and virtually unbreakable.

There is a limitation in Windows that up to 15 characters the password can be extracted from the database.

http://en.wikipedia.org/wiki/LM_hash

More than that, it is both too complex for attack and cannot be extracted from the database. Therefore I recommend "passwords" such as:

My Team 36 Your Team 24!!

My Car is Red *.*

I use the "same" pass phrase on every server that I administer. Same because I can simply think about where I am and the name of the company and the password is self-evident in the context of the place.

Company + Location + 8 weird characters.

The weird characters could easily be incremented on a 30, 60 or X day schedule as no one would forget that they were 120 and now they are 121 in the numerical part of the passphrase. I can argue that a 15+ position pass phrase is unbreakable, especially if you institute a lockout policy, but changing it on a regular schedule is still a good idea.

-Larry



"bill" <bill@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:518B6862-B07A-4779-B737-D517C319097B@xxxxxxxxxxxxxxxx
Hi,

We use Remote Web Access on SBS2003. Is there a Microsoft recommendation
for the time between required password changes?
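
The LM hash behaviour behind the 15-character advice in the reply above, as an added example that is not part of the original thread: it shows what the LM scheme would feed to its two independent DES operations for a given password, and that nothing is fed at all once the password exceeds 14 characters. The names `lm_view` and `LMView` and the sample password `Summer2003` are constructed for illustration, and the ASCII-only restriction is a simplification (real LM uses the system OEM code page).

```python
from typing import NamedTuple, Optional, Tuple

LM_MAX_CHARS = 14  # LM works on exactly 14 bytes; longer passwords get no usable LM hash


class LMView(NamedTuple):
    lm_hash_stored: bool                    # would a usable LM hash exist for this password?
    halves: Optional[Tuple[bytes, bytes]]   # the two 7-byte blocks hashed independently
    second_half_empty: bool                 # True when the password fits in 7 characters


def lm_view(password: str) -> LMView:
    """Show the input LM hashing would operate on (no hashing is performed here)."""
    if len(password) > LM_MAX_CHARS:
        # 15+ characters: Windows cannot build an LM hash, only the NT hash is kept.
        return LMView(False, None, False)
    # Simplification: ASCII only. Raises UnicodeEncodeError for anything else.
    raw = password.encode("ascii")
    # LM discards case, then null-pads to 14 bytes.
    padded = raw.upper().ljust(LM_MAX_CHARS, b"\x00")
    # Each 7-byte half becomes its own DES key, so the halves stand alone.
    first, second = padded[:7], padded[7:]
    return LMView(True, (first, second), second == b"\x00" * 7)


if __name__ == "__main__":
    samples = [
        "Summer2003",                  # constructed short password
        "My Car is Red *.*",           # pass phrase from the post
        "My Team 36 Your Team 24!!",   # pass phrase from the post
    ]
    for pw in samples:
        view = lm_view(pw)
        print(f"{len(pw):2d} chars  stored={view.lm_hash_stored}  halves={view.halves}")
```

A 10-character mixed-case password collapses to an uppercase 7-character block plus a 3-character block, while both pass phrases from the post are past the 14-character boundary and leave no LM hash behind.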
