On 01/31/2017 08:23 AM, Grant NAPC wrote:
I agree with Kent, although I do believe you should rotate your password at some reasonable interval. We do enforce password rotation and a mix of alphanumeric/symbols at my company.

Here is an idea: Don't let users set their own passwords. That way you can be sure you aren't being fed that user's Ashley Madison or Yahoo password. This won't prevent password reuse in the other direction, unfortunately.

"15-ladder-bamboo-sierra" is an easy password to remember and type, yet it has 40 bits of entropy. Even if some bizarrely configured sshd allowed 1000 attempts per second (which they don't) it would still take over 18 years to try half the combinations.

02-alex-smile-metro, 5b-mile-sleep-school, ea-mercy-copy-pizza...

-kb
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
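
The server-assigned password format from the message above, sketched as an added example that is not part of the original thread. It assumes the leading two characters are one random byte written in hex and uses a constructed 16-word list, since the post does not name its word list; all function names are hypothetical.

```python
import math
import secrets

# Constructed 16-word list: 12 words from the post's examples plus 4 fillers.
# Assumption: the post does not name its word list; use a far larger one in practice.
WORDS = ("ladder bamboo sierra alex smile metro mile sleep school "
         "mercy copy pizza river candle orbit velvet").split()

PREFIX_BITS = 8   # assumption: the leading "15", "5b", "ea" is one random byte in hex
N_WORDS = 3


def generate(words=WORDS):
    """Server-assigned password: hex byte plus N_WORDS words, all from the OS CSPRNG."""
    prefix = f"{secrets.randbelow(2 ** PREFIX_BITS):02x}"
    return "-".join([prefix] + [secrets.choice(words) for _ in range(N_WORDS)])


def entropy_bits(list_size):
    """Entropy of the format when every part is chosen uniformly at random."""
    return PREFIX_BITS + N_WORDS * math.log2(list_size)


def min_list_size(target_bits):
    """Smallest word list for which the format reaches target_bits."""
    need = 2 ** (target_bits - PREFIX_BITS)
    size = 1
    while size ** N_WORDS < need:
        size += 1
    return size


def years_to_search_half(bits, attempts_per_second):
    """Time for an online guesser to try half of a 2**bits space."""
    return 2 ** (bits - 1) / attempts_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    print(generate())
    print(f"{len(WORDS)}-word list: {entropy_bits(len(WORDS)):.0f} bits")
    print(f"list size needed for 40 bits: {min_list_size(40)}")
    print(f"half of 40 bits at 1000/s: {years_to_search_half(40, 1000):.1f} years")
```

The entropy figure only holds when the server picks every part uniformly at random; letting users choose or reroll until they like the words lowers it.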
