Educause Security Discussion mailing list archives
Re: Active Directory Password Strength
From: Tim Howard <Timothy_G_Howard () RAYTHEON COM>
Date: Mon, 14 Nov 2005 13:23:27 -0500
Recommend you follow NIST guidelines: 8 characters minimum combination of Upper and lower case alphas, numbers and special signs update your dictionary to reject obvious combinations of proper names, names of local entities like sports teams, etc See 800-53, and 800-63, among others... http://csrc.nist.gov Raytheon Tim Howard Information Security Manager Raytheon Information Solutions 301.943.4732 cell; timothy_g_howard () raytheon com "Cary, Kim" <Kim.Cary () PEPPERDINE EDU> 11/14/2005 01:13 PM Please respond to The EDUCAUSE Security Discussion Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> To SECURITY () LISTSERV EDUCAUSE EDU cc Subject [SECURITY] Active Directory Password Strength Does anyone have any product recommendations or rollout procedures (technical) they could recommend for implementing Active Directory password strength requirements? Many (90%) of our users don't sign on to the domain, yet it controls their authentication as the backend for several systems. This prevents us from just turning on requirements and letting them be prompted by their next domain sign-in session for a new password. Thanks for any suggestions! -- Kim Cary, Ed.D. Infrastructure Security Administrator Pepperdine University 310 506 6655 - M-F 7-4
Current thread:
- Active Directory Password Strength Cary, Kim (Nov 14)
- <Possible follow-ups>
- Re: Active Directory Password Strength Tim Howard (Nov 14)
- Re: Active Directory Password Strength Stewart, Ian (Nov 14)
- Re: Active Directory Password Strength Lucas, Bryan (Nov 14)
- Re: Active Directory Password Strength Bradley Ellis (Nov 14)
- Re: Active Directory Password Strength Graham Toal (Nov 15)
- Re: Active Directory Password Strength Russell Fulton (Nov 15)
- Re: Active Directory Password Strength Cary, Kim (Nov 16)
- Re: Active Directory Password Strength Graham Toal (Nov 16)
- Re: Active Directory Password Strength Eric Brewer (Nov 16)
- Re: Active Directory Password Strength Riedl, Steve Thomas (Nov 17)
- Re: Active Directory Password Strength Russell Fulton (Nov 25)