January 2018
Intermediate to advanced
376 pages
8h 45m
English
Content preview from Mastering Linux Security and Hardening
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Enforcing strong password criteria
You wouldn't think that a benign-sounding topic such as strong password criteria would be so controversial, but it is. The conventional wisdom that you've undoubtedly heard for your entire computer career says:
- Make passwords of a certain minimum length
- Make passwords that consist of a combination of uppercase letters, lowercase letters, numbers, and special characters
- Ensure that passwords don't contain any words that are found in the dictionary or that are based on the users' own personal data
- Force users to change their passwords on a regular basis
But, using your favorite search engine, you'll see that different experts disagree on the details of these criteria. For example, you'll see disagreements ...