From: Mike Dieroff (michael@bluescreenit.co.uk)
Date: Thu Jan 19 2006 - 12:38:43 EST
Hi there,
As far as I remember, the NTLANMAN hash maxed at 8 and LM hashes at 13
characters... could be corrected...
I have not really heard of any 'secure' implementation with 6 character
passwords - The minimum today would be:
1.) Password length: 8 characters
2.) Full complexity: Upper and lower case, numerals, alphanumerics <----
Don't forget the spacebar here!!always a good one!
3.) Max age average of around 40 - 60 days dependant
4.) History of around 10 passwords
Hope this helps,
Mike
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT