Tuesday, May 25, 2010

Strong Password Syntax per NIST

Please follow this example as much as possible to reduce your chances of being hacked.

Strong Password Information
The syntax of a strong password will follow these guidelines:

A strong password must be at least eight (8) characters long and contain at least:
    One upper case letter (A, B, C, ...).
    One lower case letter (a, b, c, ...).
    One numeric digit (0 through 9).
    One special character (!, @, #, $, %, etc.).

A strong password cannot contain:
    More than 3 consecutive characters of the user's ID.
    Any English language word of more than 3 characters. The sequence 'bar' in a password would be accepted, but the sequence 'barn' would be rejected.
    Repeating sequences of more than 2 characters. The password 'Tz$3zxczxc8' would be rejected because, although it meets the previous criteria, it contains the 3-letter repeating sequence 'zxczxc'.
    A palindrome. The password cannot read the same backwards as it does forwards, like 'T$8zz8$T'.
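
The rules above can be checked mechanically; the following validator is an added example, not part of the original post, and returns every rule a candidate password breaks. The function name `password_violations` and the word list `SAMPLE_WORDS` are hypothetical, and it assumes case-insensitive matching for the user ID and dictionary checks and that a "repeating sequence" means one immediately followed by a copy of itself, as in 'zxczxc'.

```python
import re
import string

# Constructed sample word list; a real deployment would load a full dictionary.
SAMPLE_WORDS = {"barn", "pass", "word", "password", "summer", "welcome"}

def password_violations(password, user_id, words=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    lowered = password.lower()

    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "upper case letter": string.ascii_uppercase,
        "lower case letter": string.ascii_lowercase,
        "numeric digit": string.digits,
        "special character": string.punctuation,
    }
    for name, alphabet in classes.items():
        if not any(ch in alphabet for ch in password):
            problems.append(f"no {name}")

    # More than 3 consecutive characters of the user ID: test every 4-character window.
    uid = user_id.lower()
    if any(uid[i:i + 4] in lowered for i in range(len(uid) - 3)):
        problems.append("contains more than 3 consecutive characters of the user ID")

    # English words of more than 3 characters, matched as substrings ('bar' passes, 'barn' fails).
    hits = sorted(w for w in words if len(w) > 3 and w.lower() in lowered)
    if hits:
        problems.append("contains dictionary word(s): " + ", ".join(hits))

    # A sequence of 3 or more characters immediately repeated, e.g. 'zxczxc'.
    if re.search(r"(.{3,})\1", password, flags=re.DOTALL):
        problems.append("contains a repeating sequence of more than 2 characters")

    if password == password[::-1]:
        problems.append("is a palindrome")
    return problems
```
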

Ben
drben54@gmail.com

Posted via email from drben54's posterous
