Not quite; If you pass the 14 character margin, No LM hash will be stored of the password. 14 characters is its limit, so if you enforce a policy of 15 or greater you do not have to worry about it.
_____________________ Dave Kleiman [EMAIL PROTECTED] www.netmedic.net "High achievement always takes place in the framework of high expectation." Jack Kinder -----Original Message----- From: Chris Berry [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 12, 2003 16:55 To: [EMAIL PROTECTED] Subject: RE: Using non-printable characters in passwords >From: Meidinger Chris <[EMAIL PROTECTED]> >I know you don't want to hear this, but remember that MS Windows NT or 2000 >running in hybrid mode uses an NTLM hash to represent the password. This >hash represents only 7 characters, meaning that if you have a 21 character >password, it is really 3 consecutive 7 character passwords. Thus your 21 >char pass is barely stronger than a 7 character password. For this reaason >complexity is very important in windows, and not length. > >just a reminder for anyone in a windows environment who is setting password >requirements. That's only correct if you're using LM and/or haven't made the registry change to get rid of the backwards compatibility mode. NTLM and NTLMv2 do not suffer from this problem. Chris Berry [EMAIL PROTECTED] Systems Administrator JM Associates "Q: How many software engineers does it take to change a lightbulb ? A: It can't be done; it's a hardware problem." _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
