Educause Security Discussion mailing list archives
Re: Passphrases v Password
From: scott hollatz <shollatz () D UMN EDU>
Date: Fri, 5 Jul 2013 20:30:24 -0500
-- shollatz () d UMn eDu from cell On Jul 5, 2013 7:49 PM, "Cathy Hubbs" <hubbs () american edu> wrote:
Thanks to those that answered both on and off the list. I see we are out in front but not alone. Yes there are others! Every institution has a variety of considerations when making a decision. Happy to discuss off line. The driving force was one year expiration and customer friendly. We believe it is easier to teach customers to write natural language sentences than to pick a number, a symbol, an upper case, and a lower case character. My colleague loves to trot this XKCD comic strip http://imgs.xkcd.com/comics/password_strength.png [image: password_strength.png] Thanks again. Cathy On Jul 5, 2013, at 12:22 PM, "Cathy Hubbs" <hubbs () AMERICAN EDU> wrote: Greetings, American University is moving to require passphrases, 16 character minimum, with upper and lower case requirement for standard users (staff, students, and faculty). I would love to hear from anyone that has gone down this path and experiences from their customers. Thanks Cathy Cathy Hubbs, CISSP, CISA, CGEIT Chief Information Security Officer Office of Information Technology American University
Current thread:
- Re: Passphrases v Password, (continued)
- Re: Passphrases v Password SCHALIP, MICHAEL (Jul 05)
- Re: Passphrases v Password Michael Sinatra (Jul 05)
- Re: Passphrases v Password Rich Graves (Jul 05)
- Re: Passphrases v Password Steven Alexander (Jul 05)
- Re: Passphrases v Password Rich Graves (Jul 05)
- Re: Passphrases v Password Will Froning (Jul 05)
- Re: Passphrases v Password Rich Graves (Jul 05)
- Re: Passphrases v Password Mike Osterman (Jul 05)
- Re: Passphrases v Password Will Froning (Jul 05)
- Re: Passphrases v Password Steven Alexander (Jul 05)
- Re: Passphrases v Password Cathy Hubbs (Jul 05)
- Re: Passphrases v Password scott hollatz (Jul 05)
- Re: Passphrases v Password Ray McClure (Jul 06)
- Re: Passphrases v Password Tim Doty (Jul 08)
- Re: Passphrases v Password randy (Jul 08)
- Re: Passphrases v Password Tim Doty (Jul 08)
- Re: Passphrases v Password shanna leonard (Jul 09)
- Re: Passphrases v Password Steven Alexander (Jul 09)
- Re: Passphrases v Password scott hollatz (Jul 05)