Educause Security Discussion mailing list archives

Re: Password entropy

From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 20 Jul 2006 08:22:07 -0500

At 05:42 PM 7/19/2006, Dave Koontz put fingers to keyboard and wrote:

As with most things, this really boils down to risk mitigation.  Your
network / system admin staff should have much stricter policies on their
passwords.  However, try to tell a student who is only checking their
college email once a week they need some sort of hyper secure and very
lengthy "pass phrase" they must change every 90 days.


Absolutely...in fact we're testing secondary authentication tokens
to further help in this arena.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Current thread:

Re: Password entropy, (continued)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy David Gillett (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy scott hollatz (Jul 19)
- Re: Password entropy Valdis Kletnieks (Jul 19)
- Re: Password entropy Dave Koontz (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Graham Toal (Jul 20)
- Re: Password entropy Valdis Kletnieks (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)

(Thread continues...)