Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
CompTIA
Network+
Password Question
katman96
I have a question about password practices while I have been studying for my Net + exam. I have seen a few documents that state you should keep your passwords to a
minimum length
. Is this true? if yes what is the reasoning behind it? Thanks
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
RussS
Yes that is true
Minimum length should be 8 charachters and preferably using symbols as well. The reasoning behind this is that a simple password cracker will nail anything shorter way too quick (this can be as short as 10 minutes for a 6 charachter p/w that is text only).
A nice and secure password would look something like this ...
password = P@s$w0rD
Note the use of charachters is not constant s = s and $ and not both $$ - the number 0 is there and also capitals are used for 2 charachters. All of these combine to create what is known as a complex password.
bluemason
Generally you'll find that passwords are required to be between 6-12 or 8-12 characters in length... if that wasn't imposed, you
know
someone would use 123 or abc
..but it all depends on the setup, of course ( afaik )
Chivalry1
I agree with my brother BlueMason , you have to enforce these types of policies on your network. Or people would have relatively easy passwords. A secure PASSWORD is important. Ensure that there is a good mixture of 3 THINGS: Letters, Characters, and Numbers.
Ten9t6
Don't forget UPPER and lower case letters.
But, you do need to watch all of this...it is a fine balance. If you force 8-12 character passwords with a combination of upper / lower case, numbers and special characters...and then you force regular password changes....users will try to find ways around the raised security. This leads to passwords taped to monitors, under keyboards, or in an open drawer at their desk. This defeats the purpose of the secure passwords. If you need to be really secure I would think about using some sort of multi-factor authentication..
Just something to think about.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
