Microsoft Password Guidance – over 10 million username/password pair attacks every day

Microsoft_logo  Whitepaper ‚Microsoft Password Guidance

1. Maintain an 8-character minimum length requirement (and longer is not necessarily better)
2. Eliminate character-composition requirements
3. Eliminate mandatory periodic password resets for user accounts
4. Ban common passwords, to keep the most vulnerable passwords out of your system
5. Educate your users not to re-use their password for non-work-related purposes
6. Enforce registration for multi-factor authentication
7. Enable risk based multi-factor authentication challenges


Leave a Reply

You must be logged in to post a comment.