|
|
On Tue, 16 Aug 2011 16:05:31 -0700, Darren New wrote:
> On 8/11/2011 11:17, Jim Henderson wrote:
>> On Thu, 11 Aug 2011 09:09:01 +0100, Invisible wrote:
>>> Personally, I think the most /realistic/ way to gauge password
>>> strength is to see how long it takes real, commonly-available password
>>> crackers to break your password.
>
>> Arguably that's the most accurate way, but not the most realistic way.
>
> However, I know a number of corporations that will try to crack your
> password each time you change it and if they can, they'll make you
> change it again. You just get an email after a couple days saying
> "change it or get locked out."
Yeah, that's a different approach - and not necessarily a bad one.
Jim
Post a reply to this message
|
|