>Hi Everyone!
>
>Hope everyone had a great weekend!
>
>Had a questions for you password gurus. We are wanting to implement "strong" passwords in our applications and as I've been searching the internet I've not yet found any real standardizations for what constitutes the strength of a password. Does anyone know if there is some place that this is defined or is it just left up to the individual as to what constitues weak, poor, fair, good, strong, excellent, etc?
>
>Thanks for your input!
On the Cisco Networking Academy sites, users are asked to use a password that:
Is at least 8 characters long, and
Has characters from at least 4 of the following categories: uppercase; lowercase; digits; other symbols.
Now, this is fairly easy to check automatically. But in general, having a strong password is a tricky subject - the above might be considered merely a starting point.
Difference in opinions hath cost many millions of lives: for instance, whether flesh be bread, or bread be flesh; whether whistling be a vice or a virtue; whether it be better to kiss a post, or throw it into the fire... (from Gulliver's Travels)