This is a very interesting older article, although some stuff has been updated about password and Complexity.
http://bit.ly/kFXdPL 2008 AD here with complexity turned on, W7 and XP client's, we recommend the use of passphrases to all our users, Mine has spaces and I haven't had any issues authenticating to other platforms using AD Thx! Carlos Garcia-Moran Server / Storage Engineer Sprague Energy www.spragueenergy.com<http://www.spragueenergy.com> P: 603-430-5355 C: 857-234-0343 F: 603-430-7219 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, May 03, 2011 10:10 AM To: NT System Admin Issues Subject: RE: Password complexity Ok, that's a good reason. Appreciate the heads up in case we run into that. From: Gary Whitten [mailto:li...@undiscoveredworlds.com] Sent: Tuesday, May 03, 2011 10:01 AM To: NT System Admin Issues Subject: RE: Password complexity I have heard of passphrases, but never used them and thus forget about them. The primary reason is that where I'm at now, there is a lot of password synching between AD and applications, and the rules are not the same across the board. I do use similar things in my own passwords but don't use space but I do use the char/num substitution as well as part of it. Thank you all for the education. From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Tuesday, May 03, 2011 9:48 AM To: NT System Admin Issues Subject: RE: Password complexity +1 And often much easier to remember. For those simpler clients not needing extreme measures, I recommend simple pass phrases that mimic some situation or characteristic of their lives so they won't need to write anything down ( but also a few simple letter to number and punctuation substitutions )... Ie My chair is old = MyCha1r1s0ld! The wall is blue =Th3*wa11*isblu3 You get the idea, still not likely to be susceptible to dictionary attack. Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, May 03, 2011 9:39 AM To: NT System Admin Issues Subject: Re: Password complexity Why? Ever heard of "pass-phrases"? They are more secure than "passwords", IMHO On 3 May 2011 14:36, Gary Whitten <li...@undiscoveredworlds.com<mailto:li...@undiscoveredworlds.com>> wrote: Personally, I'd be shocked if any user ID or password was allowed to have a space in it. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org<mailto:kennedy...@elyriaschools.org>] Sent: Tuesday, May 03, 2011 8:38 AM To: NT System Admin Issues Subject: Password complexity Using 2008 R2 with password complexity set to true. A <space> is not a special character and does not count?!? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin _________________________________________________________ This e-mail, including attachments, contains information that is confidential and may be protected by attorney/client or other privileges. This e-mail, including attachments, constitutes non-public information intended to be conveyed only to the designated recipient(s). If you are not an intended recipient, you are hereby notified that any unauthorized use, dissemination, distribution or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify me by e-mail reply and delete the original message and any attachments from your system. _________________________________________________________ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin