September 3, 2010

How to Choose a Good Password


About Michael Santarcangelo
The author of Into the Breach and creator of Awareness that Works™, Michael Santarcangelo is known as a human catalyst that advocates for individuals while advancing organizations. By connecting people to the consequences of their actions, he delivers results that reduce risk, increase resiliency and allow organizations to do more with less. Guaranteed. Learn more at www.securitycatalyst.com or engage with him on twitter.com/catalyst

Comments

  1. Thanks guys! I was looking for a good clip to segue into a brief discussion about basic password policies over at the Intern’s Revenge blog. Although I was a little surprised about advising people to use two dictionary words as a “strong password.” Am I alone in thinking that’s not good practice?

    • admin says:

      Strength is determined as a factor of the overall “key space” and the length. Assuming uppercase, lowercase, digits and non-alpha characters are allowed, then the longer password is better. While we like to beat people about the head and shoulders to suggest they need to choose inane combinations as a password, taking two words that they know, and joining them together with some non-standard characters creates a long password that should not fall prey to dictionary attacks.
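The key-space arithmetic discussed in the comments above, as an added example that is not part of the original post or either comment. It measures a password in bits under a per-character model and, separately, under a "word + separators + word" model so the two views in the thread can be compared. The sample passwords, the 50,000-word list size and the two-separator pattern are constructed assumptions.

```python
import math
import string

# Character classes named in the reply, sized for printable ASCII.
CLASSES = {
    "lower": set(string.ascii_lowercase),   # 26
    "upper": set(string.ascii_uppercase),   # 26
    "digit": set(string.digits),            # 10
    "symbol": set(string.punctuation),      # 32
}

def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def brute_force_bits(password):
    """log2 of the key space alphabet_size ** length (per-character model)."""
    n = alphabet_size(password)
    return len(password) * math.log2(n) if n else 0.0

def word_pair_bits(wordlist_size, separator_count, separator_len):
    """log2 of the space when the structure 'word, separators, word' is
    assumed known: wordlist_size**2 * separator_count**separator_len."""
    return (2 * math.log2(wordlist_size)
            + separator_len * math.log2(separator_count))

def compare(samples, wordlist_size=50_000, separator_len=2):
    """Return {password: (length, alphabet, per-character bits)} plus the
    word-pair estimate under the assumed list size (hypothetical value)."""
    report = {pw: (len(pw), alphabet_size(pw), round(brute_force_bits(pw), 1))
              for pw in samples}
    symbols = len(CLASSES["symbol"])
    report["<word-pair model>"] = round(
        word_pair_bits(wordlist_size, symbols, separator_len), 1)
    return report

if __name__ == "__main__":
    # Constructed samples: a short "inane" password and two joined words.
    for key, value in compare(["Tr7$kq2!", "purple#!monkey"]).items():
        print(key, value)
```

The per-character figure depends only on length and alphabet; the word-pair figure depends on how large a word list is assumed, so it is the one to recompute when evaluating a policy.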