AD and enforced password policies

Lyndon Nerenberg lyndon at orthanc.ca
Mon Jan 2 20:10:33 CST 2012


> I just went through some calculations for a (government) site that has the
> following rules:
[...]
> Under the plausible assumption that very many people will start with a string
> of digits, continue with a string of lower-case letters to reach seven characters,
> and then add a period, there are only ~5,000,000,000 choices.  That's not many at
> all -- but the rules look just fine...

1234;lkj rolls off the fingers quite nicely, don't you think?



More information about the NANOG mailing list