Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Minimum Password Length
- Thread starter Maxxos
- Start date
The following was taken out of the Admin Client's Help File. I believe the settings are in your Admin Preferences. Hope this helps:
When creating passwords for user, server, or certifier IDs, you need to understand the criteria by which Domino measures password strength and security. Domino measures this criteria according to the level assigned on its password quality scale. The scale assigns a minimum level of quality to the password on an ID file. Domino bases the password quality on the number and variety of characters in the password.
The algorithm used to calculate password quality is used to enforce the selection of passwords that are sufficiently complex to meet the password quality scale level chosen to protect user ID files. When a user is registered, the user's ID file contains a password strength value. This setting is enforced if the user changes the password.
The scale ranges from 0 (weakest -- no password required) to 16 (strongest). A quality of 1 indicates that any password satisfies the criteria. Domino defines default levels for certifier, server, and user password quality. You should change these defaults to meet your organization's security criteria. You can set the defaults in a security settings policy document, in Administration Preferences, or in the registration or certification dialog boxes.
Password strength is not the same as password length. Not all passwords of equal length have equal strength in the password quality scale. For example, the 8-character word "password" (because it is a word) and the 8-character word "1168Acme" (because it contains numbers and alphabetic characters) do not carry the same level of character complexity and do not have equal strength on the quality scale. Password quality scale Description Example
0 Password is optional. None.
1 Allow any password. "b", "3"
2-6 Allow a weak password, even though you might be able to guess it by trial and error. "password", "doughnut" (password quality scale 3)
"lightferret", "b 4D" (password quality scale 6)
7-12 Require a password that is difficult to guess, but might be vulnerable to an automated attack. "pqlrtmxr", "wefourkings" (password quality scale 8)
13-16 Require a strong password, even though the user may have difficulty remembering it.
"4891spyONu" (password quality scale 13)
"lakestreampondriverocean", "stRem2pO()" (password quality scale 15)
"stream8pond1river7lake2ocean" (password quality scale 16)
Tips for assigning passwords and scale
Do not use words in a password that are in the Domino spell-check dictionary. Passwords containing words found in a Domino spell-check dictionary are generally weaker than passwords of equal length that do not contain words from the spell-check dictionary.
Use mixed-case words and words that contain numbers and punctuation for passwords instead of entirely lowercase alphabet characters. To make a password stronger without making it longer, avoid using words; instead use mixed-case characters and include punctuation and numbers.
Use a passphrase instead of a password. A complete sentence, especially one with a word or two misspelled, is a strong password that an attacker would have difficulty guessing.
Use passwords that have a quality of 12 or higher. Passwords that have a quality of 12 or higher are resistant to an automated attack. Passwords that have a quality below 4 are easy to guess.
Set a default value for all Password Quality Scale fields so that all passwords assigned to servers, users, and certifier IDs in your organization have appropriate levels of complexity.
Rgds,
John Judge
When creating passwords for user, server, or certifier IDs, you need to understand the criteria by which Domino measures password strength and security. Domino measures this criteria according to the level assigned on its password quality scale. The scale assigns a minimum level of quality to the password on an ID file. Domino bases the password quality on the number and variety of characters in the password.
The algorithm used to calculate password quality is used to enforce the selection of passwords that are sufficiently complex to meet the password quality scale level chosen to protect user ID files. When a user is registered, the user's ID file contains a password strength value. This setting is enforced if the user changes the password.
The scale ranges from 0 (weakest -- no password required) to 16 (strongest). A quality of 1 indicates that any password satisfies the criteria. Domino defines default levels for certifier, server, and user password quality. You should change these defaults to meet your organization's security criteria. You can set the defaults in a security settings policy document, in Administration Preferences, or in the registration or certification dialog boxes.
Password strength is not the same as password length. Not all passwords of equal length have equal strength in the password quality scale. For example, the 8-character word "password" (because it is a word) and the 8-character word "1168Acme" (because it contains numbers and alphabetic characters) do not carry the same level of character complexity and do not have equal strength on the quality scale. Password quality scale Description Example
0 Password is optional. None.
1 Allow any password. "b", "3"
2-6 Allow a weak password, even though you might be able to guess it by trial and error. "password", "doughnut" (password quality scale 3)
"lightferret", "b 4D" (password quality scale 6)
7-12 Require a password that is difficult to guess, but might be vulnerable to an automated attack. "pqlrtmxr", "wefourkings" (password quality scale 8)
13-16 Require a strong password, even though the user may have difficulty remembering it.
"4891spyONu" (password quality scale 13)
"lakestreampondriverocean", "stRem2pO()" (password quality scale 15)
"stream8pond1river7lake2ocean" (password quality scale 16)
Tips for assigning passwords and scale
Do not use words in a password that are in the Domino spell-check dictionary. Passwords containing words found in a Domino spell-check dictionary are generally weaker than passwords of equal length that do not contain words from the spell-check dictionary.
Use mixed-case words and words that contain numbers and punctuation for passwords instead of entirely lowercase alphabet characters. To make a password stronger without making it longer, avoid using words; instead use mixed-case characters and include punctuation and numbers.
Use a passphrase instead of a password. A complete sentence, especially one with a word or two misspelled, is a strong password that an attacker would have difficulty guessing.
Use passwords that have a quality of 12 or higher. Passwords that have a quality of 12 or higher are resistant to an automated attack. Passwords that have a quality below 4 are easy to guess.
Set a default value for all Password Quality Scale fields so that all passwords assigned to servers, users, and certifier IDs in your organization have appropriate levels of complexity.
Rgds,
John Judge
- Status