Re: Password recommendations
From: Mike Danseglio \(MSFT\) (nospam_mikedan@online.microsoft.com)
Date: 03/27/03
- Next message: GregE: ""Visual Basic Scripting Support" message"
- Previous message: Kevin: "Re: Salvage"
- In reply to: Jennifer: "Password recommendations"
- Next in thread: Daniel Billingsley: "Re: Password recommendations"
- Reply: Daniel Billingsley: "Re: Password recommendations"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mike Danseglio \(MSFT\)" <nospam_mikedan@online.microsoft.com> Date: Thu, 27 Mar 2003 12:08:31 -0800
What an excellent question!
Basically, that recommendation forces both seven-character chunks of the
password to be non-zero. This requires much more work on the part of the
existing password cracking tools. Its true that a fourteen character
password is far more secure than an eight character. But a seven character
leaves one whole half of the password as null, which is instantly broken.
Hope that helps.
-- -Mike Danseglio Microsoft Corporation This posting is provided "AS IS" with no warranties, and confers no rights. "Jennifer" <Jennylats@aol.com> wrote in message news:356601c2f2d8$3f4b4370$a201280a@phx.gbl... > Microsoft recommends that a password be 8 characters long - > however, passwords are stored in 7 character lengths > making an 8 character password easiest to figure out. My > question is why do they recommend 8 then? am I missing > something?
- Next message: GregE: ""Visual Basic Scripting Support" message"
- Previous message: Kevin: "Re: Salvage"
- In reply to: Jennifer: "Password recommendations"
- Next in thread: Daniel Billingsley: "Re: Password recommendations"
- Reply: Daniel Billingsley: "Re: Password recommendations"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
