On Monday we attacked the utility of current password policies and standards. Today we will offer up an array of improvements.
To be truly effective from a security perspective, password policies need to be designed to withstand both online and offline password cracking methods. We discussed offline methods in our post last month, so we will not do more than recap them here. ...Continue Reading →