Monday, 26 November 2007

SBS - Security - PassPhrases with Spaces?!?

For those of us who have been around for a long time in this industry, we may remember how it was drilled into us that using a space "character" in any type of password was taboo.

It just broke things.

During the recent Technet - MyTechNet Security Tour, it was pointed out that one could use spaces in their PassPhrases.

Wow, how things have changed.

The first thing we did when we were back in the office was test out what types of user accounts would work with a space character, and this is what we came up with so far:
  • Domain/Enterprise/SBS Admins.
  • Domain/Peer User Accounts.
  • System Service Accounts for things like SQL, WSS, and more where a domain/local user account is required.
From what we can gather, the password hacker hammers do not necessarily account for spaces in PassPhrases.

So, here are some good ones:
  • I love my dog!
  • PassPhrases are kewl.
  • My PassPhrase is easy to remember!
  • Log me into my PC.
The benefit of utilizing a PassPhrase of this nature is the ease with which we can remember them.

We will be educating our clients and their users accordingly.

Philip Elder
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

No comments: