Search
Sponsors
Account Passwords and Policies
Passwords are an important step in a security plan for your network. Users may see passwords as a nuisance; however, the security of your enterprise relies on a combination of password length, password uniqueness, and password lifespan. These three items help defend against dictionary attacks and brute force attacks. A dictionary attack occurs when a malicious user tries known words that are in the dictionary and a number of common password names to try and guess a password. A brute force attack occurs when a malicious user tries all of the possible permutations until one is successful.Because most users prefer passwords that they can easily remember, dictionary attacks are often an effective method for a malicious user to find a password in significantly less time than they would with brute force attacks. Therefore, the strength of a password depends on how many characters are in the password, how well the password is protected from being revealed by the owner, how well the password is protected if it is intercepted by a malicious user on the network, and how difficult the password is to guess. Even good passwords that are protected by cryptography on the network and that are not subject to dictionary attacks can be discovered by brute force in a few weeks or months by a malicious user who intercepts the password on the network.
Read the full article on Account Passwords and Policies on Technet