Microsoft’s new password collector.

Sorry, did I say that out loud?


No, it’s not really a password collector.


Probably.


What I’m talking about is a new tool from Microsoft that aims to tell you when a password is “Weak”, “Medium”, “Strong” or “Best”.


Try it for yourself – see that “This is my password.” is “BEST”, and “Cz!r4Tz” is “Weak”.


From that comparison, it’s obvious that this tool is only a guideline, and probably that’s all it can be – but you might want to try it on your users.  At the very least, many weak passwords will be shown to them as being weak.

2 Responses to Microsoft’s new password collector.

  • girishb says:

    But, Isn’t “This is my password.” a lot better password to remember and hard to crack from automated tools than Czlr4Tz? All my passwords are pass-phrases and they make it easy to remember and based on this http://blogs.technet.com/robert_hensing/archive/2004/07/28/199610.aspx a better password in many ways.
    Girish

  • Alun Jones says:

    It’s certainly a lot easier to remember, and the last time I researched password cracking tools, none of them took the time to try “ .”
    But that’s relying on the cracking tools remaining in that state.
    Your pass-phrases should continue to add complexity and entropy that are not related to a reliance on the cracking tools simply not catching up to the world of pass-phrases.

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>