Re: Incorrect Login Attempts Software
- From: "Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx>
- Date: Sun, 15 Jun 2008 13:13:21 -0700
Check out my article at http://blogs.technet.com/steriley/archive/2007/09/04/passwords-policies-once-again.aspx. Complex passwords are actually more difficult to remember and more likely to be cracked (because they're short) than simple sentences.
--
Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com
"Anteaus" <Anteaus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:756EAFC8-EE43-4B9F-A1EE-2ACE5643656F@xxxxxxxxxxxxxxxx
Issue here is that there is a 'watershed point' at which passwords become.
non-memorable. People then start writing passwords on post-its attached to
displays. At this point the security of the system plummets.
This is particularly true with 'complexity requirements' which require
numbers, capitals and punctuation, since these prevent the use of a memorable
passphrase.
"Steve Riley [MSFT]" wrote:
Just use good passwords (I like length better than complexity) and do away
with account lockout policies completely.
- References:
- Re: Incorrect Login Attempts Software
- From: Steve Riley [MSFT]
- Re: Incorrect Login Attempts Software
- Prev by Date: Re: Install certificate for all users
- Next by Date: Re: Incorrect Login Attempts Software
- Previous by thread: Re: Incorrect Login Attempts Software
- Next by thread: Re: Incorrect Login Attempts Software
- Index(es):
