Tuesday, December 6, 2011

How secure is your password?

I find people asking me how complex their password needs to be all the time. This is a genuinely valid question. Sometimes this is a matter of opinion from network engineers, so here's my opinion on what I've found.

(A Complex Answer / Microsoft Recommendation) Microsoft recommends:

A) Password does not contain any part of a user's name (Display Name/Account Name/etc.)
B) Must be at least 7 characters
C) Should be changed every 42 days, minimum
D) Must contain 3 of the 5 following: an uppercase letter, a lowercase letter, a digit, a symbol, and/or a Unicode character.

(My simple answer) I recommend:

Passwords need to be secure, but easy to remember. Of course "T8iL#)iuwr*3A~~!!" is going to be very secure, but who's going to remember that? So, of course, you're going to document that somewhere right? Sheet of paper? Excel document? Notepad document? When you need to document it, how do you secure that document?

So, what is more secure? "T8iL#)iuwr*3A~~!!" or "D0g...................." (capital D, zero, g, plus 20 periods)? Which one are you going to remember better? Believe it or not, "D0g...................." (23 characters) is going to take quite a bit longer than "T8iL#)iuwr*3A~~!!" (17 characters) to crack.

Here's a nice site I stumbled upon a few weeks ago that shows you just how long it might take to crack a password: https://www.grc.com/haystack.htm
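Here is the comparison above worked out as a brute-force search-space calculation, together with a check of the complexity rules listed earlier (an added example, not code from the original post or from the linked site). Assumptions: printable-ASCII class sizes of 26/26/10/33, an attacker who tries every password of every length up to the real one, and a made-up guess rate and account name.

```python
import string

# Printable-ASCII character classes (assumed sizes: 26, 26, 10, 33).
CLASSES = {
    "upper": set(string.ascii_uppercase),
    "lower": set(string.ascii_lowercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}

def categories(password):
    # Which of the five categories from rule D appear in the password.
    found = {n for n, chars in CLASSES.items() if any(c in chars for c in password)}
    if any(ord(c) > 127 for c in password):
        found.add("unicode")
    return found

def meets_policy(password, account_names, min_len=7):
    # Rules A, B and D from the list above; rule A is simplified to a
    # case-insensitive substring match on each name supplied.
    lowered = password.lower()
    if any(name and name.lower() in lowered for name in account_names):
        return False
    return len(password) >= min_len and len(categories(password)) >= 3

def alphabet_size(password):
    # Size of the character set a brute-force search has to cover (ASCII only).
    return sum(len(CLASSES[c]) for c in categories(password) if c in CLASSES)

def search_space(password):
    # Every candidate of length 1..len(password) over that alphabet.
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def years_to_exhaust(password, guesses_per_second):
    return search_space(password) / guesses_per_second / (365 * 24 * 3600)

COMPLEX = "T8iL#)iuwr*3A~~!!"
PADDED = "D0g" + "." * 20

if __name__ == "__main__":
    RATE = 1e11  # assumed guesses per second, for illustration only
    for pw in (COMPLEX, PADDED):
        print(f"{len(pw):2d} chars  policy_ok={meets_policy(pw, ['jsmith'])}  "
              f"space={search_space(pw):.2e}  years={years_to_exhaust(pw, RATE):.2e}")
    # This models exhaustive search only; a guesser that knows about
    # padding patterns is not bound by these numbers.
```

Both passwords draw on the same 95-character alphabet, so the whole difference comes from the six extra characters of length.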

Enjoy!
