Security Basics mailing list archives
Re: Security procedure question
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Tue, 26 Sep 2006 15:15:31 -0700
You might also check out our paper for '02 - "Strong Passwords are an Oxymoron"
I don't buy this. Try using "cryptographically strong but Pronounceable password", and provide a SSO solution to the user. More details at: http://www.xml-dev.com/blog/index.php?action=viewtopic&id=122 Single Sign On is a must if you want to enforce strong password policy.... -- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 ----------- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Security procedure question, (continued)
- RE: Security procedure question Henry Troup (Sep 21)
- Re: Security procedure question Saqib Ali (Sep 22)
- Re: Security procedure question Mario A. Spinthiras (Sep 25)
- Re: Security procedure question Saqib Ali (Sep 25)
- RE: Security procedure question Henry Troup (Sep 21)
- Re: Security procedure question MandommGmail (Sep 25)
- Re: Security procedure question Mario A. Spinthiras (Sep 25)
- RE: Security procedure question Ken Kousky (Sep 26)
- Re: Security procedure question Daniel DeLeo (Sep 27)
- Re: Security procedure question Saqib Ali (Sep 27)
- Re: Security procedure question Mario A. Spinthiras (Sep 27)
- RE: Security procedure question Curtis Duck (Sep 27)
- RE: Security procedure question Paul Sutton (Sep 28)