🔑 Strong password policies are your first line of defense.
⚙️ Require minimum length and complexity to block easy attacks.
👉 https://zurl.co/jz3uU
The following rules apply for user passwords:
* Passwords must be changed every year
* Passwords are checked against a list of known weak passwords
* Previously used passwords must not be reused
* Passwords must be at least 16 characters long
* Passwords must consist of at least three of the following groups
  * lower case letters
  * upper case letters
  * digits
  * emojis coding for emotion
  * mostly red emojis
  * one half of the simplified Japanese alphabet
  * symbols that conjure Lucifer
* Passwords must neither begin nor end with a number (because, why not?)
* Passwords must not contain the name of your mom
* Passwords must not contain any words of our secret "dictionary" (like the name of the company but also Football Clubs' deputy managers' wife's/husband's nicknames)
* The sum of the password characters' UTF codes must be divisible by seven, 11 or any prime number larger than 1000.
On the bright side: Typing your password *is* still working time, so you get paid. You can also now claim a law degree on your CV.
#ActiveDirectory #SecurityThroughObscurity #Passwords #PasswordPolicy
Sigh, spot the mistakes...
I hope the reason for the password length restriction is not a data field in the backend
🔐 Password Hygiene: Rotating the Wardrobe of Digital Defense #PasswordHygiene #PasswordRotation #SmallBusinessSecurity #Cybersecurity #OpenSource #FreeTools #PasswordManager #KeePassXC #Bitwarden #Passbolt #TwoFactorAuthentication #2FA #Fail2ban #Yubikey #TOTP #OpenSourceSoftware #PasswordStrength #BusinessSecurity #DigitalDefense #SecurityPractices #PasswordPolicy #PasswordManagement #CybersecurityTips #SecurePasswords #BusinessCybersecurity #ITSecurity #OnlineSecurity
✨ LTB Service Desk 0.6.1 released!
📰 Some fixes needed after 0.6 release, mostly for AD compatibility and Docker images
🔗 https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-6-1-released/
#LDAP #OpenLDAP #ActiveDirectory #Password #Security #PasswordPolicy
How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
https://thehackernews.com/2024/12/how-to-plan-new-and-improved-password.html
#Infosec #Security #Cybersecurity #CeptBiro #PasswordPolicy #RealWorldSecurityChallenges
Must not contain the characters <, > or spaces.
account.docusign.com
Do I get it correctly, that you disallow < and > symbols because you display plaintext passwords on HTML pages/other XML documents without proper encoding?
Do you use plaintext passwords for filenames (surely <, > and spaces are bad options for filenames)?
What could be the reasons to prohibit these symbols?
Ok found a blog post explaining it, from my reading it's equally good (or bad) as the Apple one.
So I'm going to put in the #passwordpolicy that synced passkeys are OK.
But I'd love for someone with real experience extracting/stealing these to tell me why I'm wrong about this and why it'll get us hacked.
oh, well, even you #isaca
Passwords generated by pass shall not pass.
MyAnimeList