Website password policies

["bob martin" <bobmartin_613 () hotmail com>]

Hello,
I'm been tasked with writing our website password policy and am wondering if 
there are best practices for this.  I'm torn between the security aspect 
versus the customer overhead and dissasatifaction of the typical website 
user if the password rules are too complex.

Any help would be much appreciated.

Thank you.
Bob

_________________________________________________________________
Check out the great features of the new MSN 9 Dial-up, with the MSN Dial-up 
Accelerator. http://click.atdmt.com/AVE/go/onm00200361ave/direct/01/


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------