Passwords - Part deux

In my previous post - Microsoft, the weakest link in your password policy? -I discussed how easy it was to "crack" your local passwords and potentially compromise your domain simply by leaving a group policy at its default setting.

Bruce Schneier wrote an article in Wired Magazine called Secure Passwords Keep you Safer. He concludes his article with the following paragraph that is so true and exactly to my point:

For years, I have said that the easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product. A similar thing is going on here. The easiest way to guess a password isn't to guess it at all, but to exploit the inherent insecurity in the underlying operating system.

Technorati Tags:
group policy, Microsoft, passwords, security, Active Directory