On Thu, Jan 17, 2008 at 02:54:47PM -0600, John Hascall wrote:
>
>
> I realize that these sorts of password rules are often externally dictated,
> but it's not clear to me (or many others) that they actually have a positive
> effect on security).
>

>

They don't. In fact, it has been demonstrated time and again that these
sorts of draconian policies have a negative effect on security.

--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHj9RK5SXWIKfIlGQRAoAbAJ9CKfwY5HiPkES4ufShn6 nUdJTFWwCeOl/b
vvBbFOatEUZFp/+D8LMBPFE=
=InAX
-----END PGP SIGNATURE-----