assurance - Re: [Assurance] Password Strength Requirements

Subject: Assurance

List archive

Re: [Assurance] Password Strength Requirements

From: Tom Scavo <>
To:
Subject: Re: [Assurance] Password Strength Requirements
Date: Thu, 09 Aug 2012 09:14:33 -0400 (EDT)

> - Are you (planning on) requiring longer passwords?

We do this. If the password is used regularly (say, daily), then yes, a
longer password is an option. However, if the password is used irregularly,
then any increase in security is more than offset by a decrease in usability
plus an increase in deployment costs due to an increased frequency of
password resets. (In our case, automated password resets are not allowed due
to security concerns.)

Tom

[Assurance] Password Strength Requirements, Benn Oshrin, 08/08/2012
- Re: [Assurance] Password Strength Requirements, Brendan Bellina, 08/08/2012
- Re: [Assurance] Password Strength Requirements, Eric Goodman, 08/08/2012
- RE: [Assurance] Password Strength Requirements, Dergenski, Todd A., 08/08/2012
- Re: [Assurance] Password Strength Requirements, Brendan Bellina, 08/08/2012
- Re: [Assurance] Password Strength Requirements, Tom Scavo, 08/09/2012
- <Possible follow-up(s)>
- Re: [Assurance] Password Strength Requirements, Joe St Sauver, 08/08/2012
  - Re: [Assurance] Password Strength Requirements, Cantor, Scott, 08/08/2012
    - Re: [Assurance] Password Strength Requirements, David Bantz, 08/08/2012
  - [Assurance] Re: Password Strength Requirements, Jon Miner, 08/08/2012
    - Re: [Assurance] Re: Password Strength Requirements, Stefan Wahe, 08/08/2012
- Re: [Assurance] Password Strength Requirements, Joe St Sauver, 08/08/2012
  - Re: [Assurance] Password Strength Requirements, Cantor, Scott, 08/08/2012
    - Re: [Assurance] Password Strength Requirements, Brendan Bellina, 08/08/2012
      - Re: [Assurance] Password Strength Requirements, Cantor, Scott, 08/08/2012
- Re: [Assurance] Password Strength Requirements, Joe St Sauver, 08/08/2012

List archive

Re: [Assurance] Password Strength Requirements