PC HOME SECURITY
products downloadsordering contact uslinks
 

Password Policies

Guessing passwords is still an effective way to break into systems, and password theft is a major problem. Password policies force users to select good passwords and to change them often, which makes it more difficult to penetrate a computer from the outside. The following recommendations will harden your system against someone who tries to guess or steal passwords:

  • Maximum password age: 90 days. This forces users to change their passwords every 90 days. A longer time period opens a large window in which successfully broken or stolen passwords can be used before being changed. A shorter time period may annoy your users and cause rebellion.
  • Minimum password age: one day. Minimum password age prevents users from changing their password and immediately changing it back to the old password, effectively eliminating the requirement to change passwords.
  • Minimum password length: eight characters. Longer passwords take longer to break and guess.
  • Password uniqueness: five passwords. This is the number of remembered passwords for each user. Users can't reuse a password until they have used five different new passwords. If the minimum password age is one day, it would take users five days of changing their password every day before they could reuse a password. This is intended to discourage the use of repeat passwords, and it is very effective.
  • Account lockout: lockout after five failed attempts; reset count after ten minutes. This simply reduces the number of tries that a brute-force password-guessing attack can make over a given period of time. Account lockouts can be detected and tracked to indicate a brute-force password-guessing attack.
  • Lockout duration: 15 minutes. Remember, you are just trying to discourage the guessing attack, and an employee will be idle during this time. Selecting the reset to forever will force an administrator to unlock the account. This is not recommended and is probably overkill. The costs really mount up when you consider an idle employee and the time of the administrator who must unlock the account.
 

Recommended software:
  1st Security Center Pro
1st Security Center Pro

 User Time Control
User Time Control

 Internet Explorer Security
Internet Explorer Security
Copyright (C) All Rights Reserved 2006.www.pchomesoft.com
pc time limit access kids restrict deny limiting windows parental control administrator password child children security 		main | products | Windows XP Tips | links | sitemap | RSS

Warning: include(ad_network_232.php) [function.include]: failed to open stream: Нет такого файла или каталога in /home/users1/s/ssslab/domains/pchomesoft.com/internet/password-policies-3.html on line 147

Warning: include() [function.include]: Failed opening 'ad_network_232.php' for inclusion (include_path='.:/usr/local/zend/share/pear:../:../../:../../../:../../../../') in /home/users1/s/ssslab/domains/pchomesoft.com/internet/password-policies-3.html on line 147