Home page logo

basics logo Security Basics mailing list archives

RE: passwords
From: "Robert Sieber" <securityfocus () different-thinking de>
Date: Tue, 18 Feb 2003 18:58:55 +0100

It doesn't make sense because 90 days is too long. A password should be
at least after 30 days - if they are strong enough. A cracker has 90 days
to find out the correspondig password .....


-----Original Message-----
From: ullmic6 () web de [mailto:ullmic6 () web de]
Sent: Monday, February 17, 2003 8:02 PM
To: security-basics () securityfocus com
Subject: passwords

Hello all,

one of the favorite subjects in my company seems to be the strength of
passwords. We force our users to change their mail password every 90 days.
Does this make sense? Why?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]