Educause Security Discussion mailing list archives
Re: 15 character minimum passwords
From: Matthew Keller <kellermg () POTSDAM EDU>
Date: Fri, 9 Jul 2004 11:25:52 -0400
We recently increased our minimum requirement for passwords to 6-8 characters with at least one alphabet and one numeric character. The password must also pass a variety of dictionary tests (eg. cracklib). It's generally held that requiring a more complex password is better than requiring a longer, yet probably less complex password. Additionally, as others have pointed out, weaknesses in various Microsoft hashing schemes can make the protection allegedly afforded by longer passwords, snake oil. On Thu, 2004-07-08 at 16:02, Todd Gunter wrote:
Has anyone adopted the use of 15 character minimum passwords? We are going to start using this password format when we migrate to Windows 2003. I was wondering if anyone has started to use this format and what, if any, issues you had using them? We see this as a simpler approach to passwords. Fifteen character password with complexity is simply 'Ihaveabigmouth.'. They are also supposed to much harder to crack. Please let me know your experiences with this move and any bumps in the road to look out for.
-- Matthew Keller Enterprise Systems Analyst Computing & Technology Services State University of New York @ Potsdam Potsdam, NY USA http://mattwork.potsdam.edu/ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: 15 character minimum passwords, (continued)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 08)
- Re: 15 character minimum passwords David Wall @ Yozons, Inc. (Jul 08)
- Re: 15 character minimum passwords Bill Frazier (Jul 09)
- 15 character minimum passwords Scott Bradner (Jul 09)
- Re: 15 character minimum passwords Greg Jackson (Jul 09)
- Re: 15 character minimum passwords Rich Graves (Jul 09)
- Re: 15 character minimum passwords Gary Flynn (Jul 09)
- Re: 15 character minimum passwords Gary Dobbins (Jul 09)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 09)
- Re: 15 character minimum passwords Buz Dale (Jul 09)
- Re: 15 character minimum passwords Matthew Keller (Jul 09)
- Re: 15 character minimum passwords Melissa Guenther (Jul 09)
- Re: 15 character minimum passwords Leslie Maltz (Jul 09)
- Re: 15 character minimum passwords Jim Loter (Jul 09)
- Re: 15 character minimum passwords Bill Frazier (Jul 09)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 09)
- Re: 15 character minimum passwords Gary Flynn (Jul 09)
- Re: 15 character minimum passwords Wayne Wilson (Jul 09)
- Re: 15 character minimum passwords Scott Bradner (Jul 09)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 09)
- Re: 15 character minimum passwords Gary Flynn (Jul 09)