[Info-vax] VMS humor
Phillip Helbig undress to reply
helbig at asclothestro.multivax.de
Thu Dec 31 03:18:28 EST 2020
In article <rsi9e5$ghd$1 at dont-email.me>, "Craig A. Berry"
<craigberry at nospam.mac.com> writes:
> And goes against current NIST guidelines for long, easy-to-remember
> passwords that do not routinely expire. Of course most auditors go by
> what NIST said a decade or two ago, so a lot of folks won't have any
> choice about following older practices.
Exactly. Most of the old rules caused people to break others, and the
latter was much worse.
Longer is stronger.
It should be easy for humans to remember and difficult for brute-force
attacks.
If it is compromised, it needs to be changed. If not, it doesn't.
People won't remember it changing it every day. Any damage that can be
done can be done within a day.
So the standard: mixed case, letters and numbers, special characters,
change it every 90 days is about the worst you can do.
More information about the Info-vax
mailing list