15. April 2010 · Comments Off on Conventional password policy recommendations questioned · Categories: Security Policy · Tags:

Microsoft researcher Cormac Herley recently published a paper casting doubt on the economic value of following conventional password policy recommendations. Whether you agree with Herely or not, his economic analysis is well worth reading.

Security Watch has a nice summary.