On Mon, Nov 2, 2009 at 9:38 AM, David Lum <[email protected]> wrote:
> Thoughts, comments? Oh and do read the comments.
I've sometimes wondered if we wouldn't be better off enforcing (1) a
very long minimum password length and (2) complexity checking that
only filters stupid sequences. Thus, encouraging users to use
non-trivial passphrases rather than passwords.
Shook and Caesare sitting in a tree
is going to be both hard to guess and easy to remember, while
S5p$3xQ!
is only hard to guess, and thus much more likely to be on a Post-It note.
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
