Seeking benchmark data on passwords

[Chris Davis <chrisdavis () ti com>]

Hello List,

We are gathering benchmark data on passwords because we want to revisit our password policies.  Would you mind helping? 
 We need this by Thursday.

For security reasons, please do not email your company name if you are concerned about that.  For the purposes of our 
internal work, your name will be replaced by a generic “Services Company” or "Product Company" and a general estimation 
of size (Fortune 100, 500, small kid on the block, etc..)

We’re going to send the results out at the end of the week if you would like a copy, (without the company names on 
them)... ;)

<<<<<< Short Survey >>>>>>>

Please send benchmark data points to answer the following questions regarding password rules:

a) Length?

b) Complexity (alpha, numeric, special, capital, ……)?

c) How often is it changed?

d) Machine generated?

e) Can they reuse old ones?

f) Anything else (smart card, token generator, RSA SecureID)?


Thanks!
Chris

Chris Davis
IT Security Team
Texas Instruments
O: 214-567-8929

---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------