Security Basics mailing list archives

RE: passwords

From: "Chris Berry" <compjma () hotmail com>
Date: Wed, 19 Feb 2003 11:46:32 -0800

From: "Robert Sieber" <securityfocus () different-thinking de>
It doesn't make sense because 90 days is too long. A password should be
changed
at least after 30 days - if they are strong enough. A cracker has 90 days
to find out the correspondig password .....

If I tried that here, everyone would have sticky notes on their monitor, orif you crack down on that they'd get "clever" and hide it somewhere elselike under their keyboard or something. How did you get around thisproblem? Or you have a very different definition of what a strong passwordis, my example of a strong password would be like this: X-ik]>_:72


Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Quick, easy, or cheap; pick any two."

_________________________________________________________________

MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.http://join.msn.com/?page=features/virus

Current thread:

RE: passwords, (continued)
- - RE: passwords Jeff Harris (Feb 20)
- Re: passwords simsjs (Feb 19)
- Re: passwords multics (Feb 19)
  - Re: passwords jl (Feb 20)
- Re: passwords Ross Nelson (Feb 19)
- RE: passwords Tim V - DZ (Feb 19)
- Re: passwords eer7y3n0h (Feb 19)
- Re: passwords Chris Berry (Feb 19)
- RE: passwords Robinson, Sonja (Feb 19)
- RE: passwords Vince Dang (Feb 20)
- RE: passwords Chris Berry (Feb 20)
- Re: passwords Chris Berry (Feb 20)
- RE: passwords Shanna Daly (Feb 20)
- RE: passwords Trevor Cushen (Feb 20)
  - Re: passwords Glen Mehn (Feb 20)
  - RE: passwords Tim Heagarty (Feb 20)
- RE: passwords Högman, Lars (Feb 22)