#passwordpolicy — Public Fediverse posts

The following rules apply for user passwords:

* Passwords must be changed every year
* Passwords are checked against a list of known weak passwords
* Previously used passwords must not be reused
* Passwords must be at least 16 characters long
* Passwords must consist of at least three of the following groups
* lower case letters
* upper case letters
* digits
* emojis coding for emotion
* mostly red emojis
* one half of the simplified Japanese alphabet
* symbols that conjure Lucifer
* Passwords must neither begin or end with a number (because, why not?)
* Passwords must not contain the name of your mom
* Passwords must not contain any words of our secret "dictionary" (like the name of the company but also Football Clubs' deputy managers' wife's/husband's nicknames)
* Passwords sum of the characters' UTF codes must be divisible by seven, 11 or any prime number larger than 1000.

On the bright side: Typing your password *is* still working time, so you get paid. You can also now clame a law degree on your CV.

#ActiveDirectory #SecurityThroughObscurity #Passwords #PasswordPolicy

Sigh, spot the mistakes...

I hope the reason for the password length restriction is not a data field in the backend

#password #passwordpolicy

🔐 Password Hygiene: Rotating the Wardrobe of Digital Defense #PasswordHygiene #PasswordRotation #SmallBusinessSecurity #Cybersecurity #OpenSource #FreeTools #PasswordManager #KeePassXC #Bitwarden #Passbolt #TwoFactorAuthentication #2FA #Fail2ban #Yubikey #TOTP #OpenSourceSoftware #PasswordStrength #BusinessSecurity #DigitalDefense #SecurityPractices #PasswordPolicy #PasswordManagement #CybersecurityTips #SecurePasswords #BusinessCybersecurity #ITSecurity #OnlineSecurity

http://tomsitcafe.com/2025/04/10/%f0%9f%94%90-password-hygiene-rotating-the-wardrobe-of-digital-defense/

🔐 Password Hygiene: Rotating the Wardrobe of Digital Defense #PasswordHygiene #PasswordRotation #SmallBusinessSecurity #Cybersecurity #OpenSource #FreeTools #PasswordManager #KeePassXC #Bitwarden #Passbolt #TwoFactorAuthentication #2FA #Fail2ban #Yubikey #TOTP #OpenSourceSoftware #PasswordStrength #BusinessSecurity #DigitalDefense #SecurityPractices #PasswordPolicy #PasswordManagement #CybersecurityTips #SecurePasswords #BusinessCybersecurity #ITSecurity #OnlineSecurity

http://tomsitcafe.com/2025/04/10/%f0%9f%94%90-password-hygiene-rotating-the-wardrobe-of-digital-defense/

🔐 Password Hygiene: Rotating the Wardrobe of Digital Defense #PasswordHygiene #PasswordRotation #SmallBusinessSecurity #Cybersecurity #OpenSource #FreeTools #PasswordManager #KeePassXC #Bitwarden #Passbolt #TwoFactorAuthentication #2FA #Fail2ban #Yubikey #TOTP #OpenSourceSoftware #PasswordStrength #BusinessSecurity #DigitalDefense #SecurityPractices #PasswordPolicy #PasswordManagement #CybersecurityTips #SecurePasswords #BusinessCybersecurity #ITSecurity #OnlineSecurity

http://tomsitcafe.com/2025/04/10/%f0%9f%94%90-password-hygiene-rotating-the-wardrobe-of-digital-defense/

✨ LTB Service Desk 0.6.1 released!

📰 Some fixes needed after 0.6 release, mostly for AD compatibility and Docker images

🔗 https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-6-1-released/

#LDAP #OpenLDAP #ActiveDirectory #Password #Security #PasswordPolicy

Ok found a blog post explaining it, from my reading it's equally good (or bad) as the Apple one.

So I'm going to put in the #passwordpolicy that synced passkeys are OK.

But I'd love for someone with real experience extracting/stealing these to tell me why I'm wrong about this and why it'll get us hacked.

oh, well, even you #isaca

#passwordpolicy

How is "partial" password reuse determined?

https://security.stackexchange.com/questions/268593/how-is-partial-password-reuse-determined

#passwordpolicy #passwords

Let's discuss in small groups - TP-Link's "Business Solution" TL-SG switches password policy.

No, no - not recommended. You're unable to set passwords longer than 16 characters, and the only special character besides the _English_ alphabet and numbers is ... underscore.

Let's list all the reasons we can think of. I'll start:

*) what's a hash?
*) [...] government told us to

#TPLink #PasswordPolicy #backdoor #crackable #infosec

Please do not do this with your #passwordpolicy

Password restrictions limit Diceware word list - (when) can this get bad enough one should choose another strategy?

https://security.stackexchange.com/questions/267259/password-restrictions-limit-diceware-word-list-when-can-this-get-bad-enough

#passwordpolicy #passwords

@Xavier oh, I see what you mean. This isn't against our #website, it's logins against #MicrosoftExchangeOnline via an #API trying to #hack into accounts. They're not even using great #passwords to spay with lol. We have #MFA enforced across the #enterprise, #PasswordPolicy is well designed, and #governance in play. I could put additional controls in place, sure, but we don't have a requirement too do so, and we feel satisfied about where we're at - good blending of security and usability.

Our followers have no need to worry about the recent Mastodon credential exfiltration security vulnerability!

That is, assuming you've all been following our prescient advice of not using a password manager: https://brands.town/@cyber/109322938770886942

#Cyber #CyberSecurity #Passwords #PasswordSecurity #PasswordPolicy #Hacking #Infosec #Security

What makes a good password?

According to our research, the ideal password contains one capitalised dictionary word, followed by a single numeric digit, followed by an exclamation mark. For example:

Password1!

Don't try to make your password too complicated, otherwise you'll forget it - especially if you're changing it every month (which we also recommend!)

#CyberSecurity #PasswordPolicy #Cyber #Passwords #Research

Sorry for keeping going on but the webform finds this password: zZ?S*C>O?7dgY7 "Weak".
It also finds this one 8B2AI6 "Fair".

What have those webdevs smoked? #passwordpolicy

How To Force Users To Use Strong Passwords In Debian And Ubuntu #PAM #PluggableAuthenticationModules #PasswordPolicy #Security #Debian #Ubuntu #Linux #LinuxAdministration #Linuxhowto #Linuxsecurity #Linuxcommands
https://ostechnix.com/force-users-use-strong-passwords-debian-ubuntu/

How To Set Password Policies In Linux #PasswordPolicy #Linuxcommands #LinuxPAM #PluggableAuthenticationModules #Linux
https://ostechnix.com/how-to-set-password-policies-in-linux/

📣 LDAP Tool Box Service Desk 0.3 released!

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-3-released/

#LDAP #OpenLDAP #LTB #PasswordPolicy #FreeSoftware #OpenSource #OW2 #IAM

Die erlaubten Zeichen bei Logins sind überall anders definiert, wieso kann man nicht alle Zeichen auf einer Tastur als Zeichen für die Passwortvergabe definieren. Mir erschließt sich die Problematik nicht. Es kann doch nicht sein das man im Jahr 2020 immer noch solche Restriktionen hat.
#Passwort #passwordpolicy

LDAP Tool Box : création du projet Service Desk

https://linuxfr.org/news/ldap-tool-box-creation-du-projet-service-desk

#LDAP #OpenLDAP #LTB #password #passwordpolicy

How To Set Password Policies In Linux #PasswordPolicy #Password #Linux #Security #LinuxCommands #pam
https://www.ostechnix.com/how-to-set-password-policies-in-linux/

How To Force Users To Use Strong Passwords In #Debian, #Ubuntu #Linux #Password #Linuxhowto #PasswordPolicy

https://www.ostechnix.com/force-users-use-strong-passwords-debian-ubuntu/