Educause Security Discussion mailing list archives
Re: Who is using Passphrase over 16 characters
From: Alan Amesbury <amesbury () OITSEC UMN EDU>
Date: Thu, 3 Sep 2020 16:12:18 -0500
On 03 Sep 20, at 16:05, Cathy Hubbs <hubbs () AMERICAN EDU> wrote:
We have been supporting 2 password policies for several years and would like to move to 1 (the 16+ character passphrase). Wondering how many of you have adopted a longer/stronger passphrase policy? For ease of response – anyone using passphrase policy requiring at least 12 characters?
[snip] Policy requires a complex password for our high and medium classifications: https://policy.umn.edu/it/securedata-appaaam The policy refers to https://it.umn.edu/resources-it-staff-partners/information-security-standards/authentication-access-account-management for a discussion of what a complex password is, which includes a requirement that it be >=16 characters long. I note they didn't use my own authentication factor definitions: 1) Something you lose. 2) Something you forget. 3) Something you cease to be. -- Alan Amesbury Security Analyst | University Information Security (UIS) University of Minnesota | umn.edu | 612-625-8810 Information Security is a shared responsibility. Learn more at: https://it.umn.edu/what-security-incident ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Who is using Passphrase over 16 characters Cathy Hubbs (Sep 03)
- Re: Who is using Passphrase over 16 characters Blake Brown (Sep 03)
- Re: Who is using Passphrase over 16 characters Gregory, Christopher (Sep 04)
- Re: Who is using Passphrase over 16 characters Francisco Chavez (Sep 05)
- Re: Who is using Passphrase over 16 characters Nathan Phillips (Sep 08)
- Re: Who is using Passphrase over 16 characters Gregory, Christopher (Sep 04)
- Re: Who is using Passphrase over 16 characters Blake Brown (Sep 03)
- Re: Who is using Passphrase over 16 characters Alan Amesbury (Sep 03)
- Re: Who is using Passphrase over 16 characters Francisco Chavez (Sep 03)
- Re: Who is using Passphrase over 16 characters Scott Hicks (Sep 04)
- Re: Who is using Passphrase over 16 characters Alex Lindstrom (Sep 04)
- Re: Who is using Passphrase over 16 characters Dan Wasson (Sep 04)
- Re: Who is using Passphrase over 16 characters Francisco Chavez (Sep 03)