
	Home > Ask the Windows Security Experts > Windows Security Threats Questions & Answers > Managing passwords and passphrases

Ask The Windows Security Expert: Questions & Answers

EMAIL THIS

Managing passwords and passphrases

EXPERT RESPONSE FROM: Kevin Beaver

		Pose a Question

		Other Windows Security Categories

		Meet all Windows Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 11 August 2005
Why do most passphrase password hints suggest using the first letter of each word instead of using the whole phrase? I am currently using passphrases consisting of 15 or more characters including spaces. There is only one place that I access that requires an eight character password and it is also limited in what you can use in it. My current passphrase has uppercase, lowercase, special characters, spaces and numbers -- it is fairly easy to remember. When you have more than one in use, does it become harder to manage?

EXPERT RESPONSE

Some people believe that no password or passphrase should contain anything that can be found in a dictionary. Most people have their own opinions regarding the "ideal" password or passphrase and I always recommend aiming for the best practice of "easy to remember yet difficult to guess" and (especially) do what makes the most sense for the business. It sounds like you're on the right track. I wrote more about this topic in a recent SearchWindowsSecurity.com article: Windows password management myths.

Sound Off! -

Be the first to post a message to Sound Off!

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Windows Security Threats
	How can I use Process Explorer as a Web security tool?
	How did a rootkit get on my Windows machine?
	Have I experienced a Windows security breach?
	How to solve Windows security log mysteries
	Password security in Windows XP Professional
	How can I discover a hacker's IP address?
	How to set up a network with Windows security in mind
	How to use GPOs to deny folder permissions
	How can I run third-party antivirus software?
	How can I detect IP addresses that connect to IIS?

Authentication

Locked out of Windows 2000 computer

Reduce resistance to creating strong computer passwords

Looking ahead to life without passwords

Accessing a Windows 2000 Pro without the password

Accessing forgotten passwords

HijackThis

Default passwords for Windows 2000 and Windows XP

How to Bypass BIOS Passwords

Laptop security solutions for Windows users

Taking over the domain

Authentication Research

Authentication

Reduce resistance to creating strong computer passwords

Looking ahead to life without passwords

Hacking other machines

Security log data: Make the most of it

Checklists: Harden access control settings

Access control checklists

Windows password management myths

Protect desktop files and folders from inside snoops

10 tips in 10 minutes: Password policy considerations

7 tips in 7 minutes: Windows password creation

Authentication Research

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2004 - 2008, TechTarget \| Read our Privacy Policy