Educause Security Discussion mailing list archives
Re: Passwords & Passphrases
From: "J. Alex Campoe" <campoe () USF EDU>
Date: Mon, 19 Nov 2007 13:24:46 -0500
BrianHere's the current policy for our ACtive Directory, which includes all faculty/staff accounts:
Minimum password length (characters) 8 Password must meet complexity requirement Enabled Store password using reversible encryption Disabled Enforce password history (no. of unique passwords) 5 Maximum password age (days) 180 When complexity requirement is enabled, passwords must • Not contain all or part of the user's account name • Contain characters from three of the following four categories: o English uppercase characters (A through Z) o English lowercase characters (a through z) o Base 10 digits (0 through 9) o Non-alphanumeric characters (e.g., !, $, #, %) Alex Brian T Nichols wrote:
Colleagues,We are researching best practices regarding passwords and passphrases (length, complexity, expiration, etc..).Does anyone have a standard and/or policy they can share?Thanks in advance!-BrianBrian Nichols, CISSP, CISM, CISA, CIA Chief IT Security & Policy Officer Louisiana State University
-- -- Alex Campoe, CISSP Information Security Manager -- -- Associate Director, Systems -- -- Email: campoe () usf edu Phone: (813) 974-1796 -- -- Academic Computing University of South Florida -- -----------------------------------------------------------------------
Current thread:
- Passwords & Passphrases Brian T Nichols (Nov 19)
- <Possible follow-ups>
- Re: Passwords & Passphrases Torres, Juan (Nov 19)
- Re: Passwords & Passphrases J. Alex Campoe (Nov 19)
- Re: Passwords & Passphrases Roger Safian (Nov 19)
- Re: Passwords & Passphrases HALL, NATHANIEL D. (Nov 19)
- Re: Passwords & Passphrases Randy Marchany (Nov 19)
- Re: Passwords & Passphrases Randy Marchany (Nov 19)
- Re: Passwords & Passphrases Steve Worona (Nov 19)
- Re: Passwords & Passphrases Julian J Thompson (jthmpsn2) (Nov 19)
- Re: Passwords & Passphrases Bob Bayn (Nov 19)
- Re: Passwords & Passphrases Julian J Thompson (jthmpsn2) (Nov 19)
- Re: Passwords & Passphrases Shane Bishop (Nov 19)
- Re: Passwords & Passphrases Sweeny, Jonny (Nov 19)
(Thread continues...)