[148091] in North American Network Operators' Group
Re: AD and enforced password policies
daemon@ATHENA.MIT.EDU (Lyndon Nerenberg)
Mon Jan 2 21:11:33 2012
Date: Mon, 2 Jan 2012 18:10:33 -0800 (PST)
From: Lyndon Nerenberg <lyndon@orthanc.ca>
To: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <A2DFB87C-78E7-4016-A19B-A55D97E2A9CC@cs.columbia.edu>
Cc: "Nanog@nanog.org" <Nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> I just went through some calculations for a (government) site that has the
> following rules:
[...]
> Under the plausible assumption that very many people will start with a string
> of digits, continue with a string of lower-case letters to reach seven characters,
> and then add a period, there are only ~5,000,000,000 choices. That's not many at
> all -- but the rules look just fine...
1234;lkj rolls off the fingers quite nicely, don't you think?
