CompTIA Security+ Exam Notes

Let Us Help You Pass

Sunday, July 25, 2021

Password Policy

PASSWORD POLICY

The recommended minimum password length is 14 characters. With the advancement of CPU processing power and RAM, 8-character passwords are no longer recommended.

To make a password strong, avoid dictionary words and any part of the username. Use at least 3 of the following four character types:
Uppercase letters (26 A through Z)
Lowercase letters (26 a through z)
Numbers (10 numbers 0-9)
Special characters (32 characters, like !, @, #, %, &, and *)

If you use an 8-character password with only lowercase letters, the number of possibilities is 26^8, or 208,827,064,576 (208 billion). Making the password 10 lowercase letters (26^10) raises it to 141 trillion possibilities.

With a desktop computer and a high-end graphics card, password-cracking tools can test 20 billion passwords per second. At that rate an attacker could exhaust the 10-character lowercase keyspace in about two hours.

Combining all four character types gives an alphabet of 94 characters (26 + 26 + 10 + 32). Lengthen the password to 14 characters drawn from all four types (94^14) and the number of possibilities is mind-blowing, a little over 4 septillion.
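To make the keyspace math and the policy rules concrete, here is an added example (not from the original post) that computes the figures above and checks a candidate password against the post's rules. The 20 billion guesses/second rate is the post's figure; the username and word list are constructed inputs.

```python
# Character classes from the post: 26 + 26 + 10 + 32 = 94 printable ASCII characters.
SPECIALS = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"  # the 32 ASCII punctuation characters
CLASSES = {
    "upper": set("ABCDEFGHIJKLMNOPQRSTUVWXYZ"),
    "lower": set("abcdefghijklmnopqrstuvwxyz"),
    "digit": set("0123456789"),
    "special": set(SPECIALS),
}
CRACK_RATE = 20_000_000_000  # guesses per second, the post's GPU offline-cracking figure


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of possible passwords of exactly `length` symbols from an alphabet of `alphabet_size`."""
    return alphabet_size ** length


def hours_to_exhaust(space: int, rate: int = CRACK_RATE) -> float:
    """Worst-case hours to try every password in `space` at `rate` guesses per second."""
    return space / rate / 3600


def classes_used(password: str) -> set:
    """Which of the four character classes appear in the password."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}


def meets_policy(password: str, username: str, min_length: int = 14,
                 min_classes: int = 3, wordlist=()) -> tuple:
    """Apply the post's rules; returns (ok, reasons) so a checker can explain a rejection."""
    reasons = []
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    if len(classes_used(password)) < min_classes:
        reasons.append(f"uses fewer than {min_classes} of 4 character classes")
    lowered = password.lower()
    if len(username) >= 3 and username.lower() in lowered:
        reasons.append("contains the username")
    for word in wordlist:  # constructed word list; a real check would use a full dictionary
        if word.lower() in lowered:
            reasons.append(f"contains dictionary word {word!r}")
    return (not reasons, reasons)


if __name__ == "__main__":
    print(f"26^10 keyspace: {keyspace(26, 10):,}, exhausted in {hours_to_exhaust(keyspace(26, 10)):.2f} h")
    print(f"94^14 keyspace: {keyspace(94, 14):.3e}, exhausted in {hours_to_exhaust(keyspace(94, 14)) / 8760:.3e} years")
    print(meets_policy("Summer2021", "alice", wordlist=("summer", "password")))
    print(meets_policy("Correct-Horse-7-Battery", "alice", wordlist=("summer", "password")))
```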

Password length: To make brute-force attacks more difficult, enforce a minimum length.

Password history: The password history setting in Group Policy can be set to remember 24 passwords. The user would not be able to return to their favorite password until 24 different passwords have been used. This needs to be enabled together with Password Minimum Age. If a user can keep using the same password after the Maximum Password Age (password expiration) is reached, then Password History is not in effect.

Password Minimum Age: The default setting in Group Policy is 0, meaning the user could change their password multiple times on the same day to cycle through the history and get back to their favorite password. The administrator would receive multiple password reset alerts.
