Reply to post: Passwords are not the issue

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

cmcdev

Passwords are not the issue

Password complexity is not the issue (to a certain point), the systems controlling them are. Rate limiting attempts, max tries per minute, hour day, pattern detection (such as logging the failures IP/MAC to multiple UIDs) and 2FA massively reduce brute force. Don't get my wrong blocking most used passwords is also required.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019