Re: Password Policy best Practice...
- From: "Larry Struckmeyer [SBS-MVP]" <lstruckmeyer@xxxxxxxxxxxxxxx>
- Date: Fri, 12 Sep 2008 22:30:59 -0400
Hi Bill:
I recommend that you use pass phrases instead of passwords. They are easier to remember, easily modifiable, and virtually unbreakable.
There is a limitation in Windows that up to 15 characters the password can be extracted from the database.
http://en.wikipedia.org/wiki/LM_hash
More than that, it is both too complex for attack and cannot be extracted from the database. Therefore I recommend "passwords" such as:
My Team 36 Your Team 24!!
My Car is Red *.*
I use the "same" pass phrase on every server that I administer. Same because I can simply think about where I am and the name of the company and the password is self-evident in the context of the place.
Company + Location + 8 weird characters.
The weird characters could easily be incremented on a 30, 60 or X day schedule as no one would forget that they were 120 and now they are 121 in the numerical part of the passphrase. I can argue that a 15+ position pass phrase is unbreakable, especially if you institute a lock out policy, but changing it on a regular schedule is still a good idea.
-Larry
"bill" <bill@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:518B6862-B07A-4779-B737-D517C319097B@xxxxxxxxxxxxxxxx
Hi,
We use Remote Web Access on SBS2003. Is there a Microsoft recommendation
for the time between required password changes?