Password Security Guidelines
Password security can be an emotive subject. There are guidelines and recommendations that have survived a long time, and like some nutrition recommendations, these mantras are brought out, quoted as fact, but never challenged.
I won't be challenging that in this piece, but what I will be doing is providing some links to some well-known organisations, such as the UK's GCHQ and the US's NIST, to see what their latest recommendations are. I've also added a great comic-style one-pager from XKCD discussing how complex passwords may not be as secure as you think. Finally, there is a link to a recent Google talk dealing with cyber security. (If you haven't watched Steven Spielberg's film about Frank Abagnale, the presenter of this talk, it's well worth watching.)
NIST Special Publication - Digital Authentication Guidelines
Talks at Google - Frank Abagnale
If I were to summarise, I would say that as part of a good multi-layered security policy, we need to make it as easy as possible for the average user to play their part.
Comments Welcome...