Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Website password policies

From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Tue, 10 Feb 2004 12:56:56 -0600
http://www.securityfocus.com/infocus/1688

Joey Peloquin



-----Original Message-----
From: bob martin [mailto:bobmartin_613 () hotmail com] 
Sent: Tuesday, February 10, 2004 8:32 AM
To: security-basics () securityfocus com
Subject: Website password policies


Hello,
I'm been tasked with writing our website password policy and 
am wondering if 
there are best practices for this.  I'm torn between the 
security aspect 
versus the customer overhead and dissasatifaction of the 
typical website 
user if the password rules are too complex.

Any help would be much appreciated.

Thank you.
Bob

[snip]


The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material.  If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited.   If you are not the intended
recipient, please contact the sender and delete the material from any
computer.


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: