Passwords: does size matter, what characters?
Ben Scott
dragonhawk at gmail.com
Fri Mar 10 10:54:01 EST 2006
On 3/9/06, Ted Roche <tedroche at tedroche.com> wrote:
> Designing a web site for a client, he asked what the general guidance
> was for passwords.
I thought I'd chime in with some additional bits of mine (thus
bringing my contribution to this thread to a full $0.04, I guess <g>).
The usual "strict and strong" password guidelines include something like:
- At least 8 characters
- At least one each of the following character groups:
- Uppercase
- Lowercase
- Digit
- Puncuation
The following password fits those requirements:
Passw0rd!
I've seen that one used all over the place. Point being: No amount
of stregth checking will protect people from themselves. Users have
to be invested in protecting themselves for password security to work.
-- Ben
More information about the gnhlug-discuss
mailing list