CLIP THIS INQUIRY

Select a group:

Group Name
Create New GroupClip

CLIP THIS FLOW

Select a group:

Group Name
Create New GroupClip

For Security & Risk Professionals

Breaking Down Entropy And Passwords

Understanding The Fundamentals Of Effective Password Policies

October 11, 2011

By Chenxi Wang with Eve Maler, Stephanie Balaouras, Nick Hayes

  • 350 downloads
  • 0 comments
  • Rating:

Why Read This Report

Protecting access to information technology assets by using passwords is as old as the concept of IT security itself. Today, passwords remain a popular means of authentication. Each service guarded by user passwords has a password policy that determines the strength of the password against brute-force attacks. Establishing the right password policy for your organization requires you to understand your risk profile as well as the fundamental information-theoretical concepts that determine the password strength. This report breaks down these concepts in the framework of the National Institute of Standards and Technologies' (NIST's) authentication levels. Information security professionals can adapt the fundamentals to their policy work to determine the appropriate password length and fail-retry limit for the risk they are facing.
Tags: Identity & Access Management (IAM), Passwords, Security Program Governance, Security, Risk and Compliance
US $ 499
Become A Client

Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

Already A Client?
Log in to read this document.

TABLE OF CONTENTS

  • User Password: A Common Security Control Often Taken For Granted
  • The Right Password Policy Requires An Understanding Of The Fundamentals
  • Choose The Proper Password Length And Retry Limit For Your Risk Profile

  • RECOMMENDATIONS

    Entropy Is Your Friend — Get To Know It!
  • Related Research Documents
 
Loading...

Browse

About Forrester

Forrester Research, Inc. is an independent research company that provides pragmatic and forward-thinking advice to global leaders in business and technology.

Roles We Serve

Forrester supports leaders in 13 roles across three distinct client segments: Business Technology, Marketing & Strategy, and Technology Industry.

Analysts & Coverage Areas

Aligned to your professional role, Forrester's analysts are experts in the specific technologies, issues, and trends currently impacting your business.

Research
Latest Reports
Playbooks
Charts & Figures
Forrester Waves
Planned Research
Data
Consumer Data
Business Data
Events
Forums
Webinars
Workshops
Tools & Templates
Vendor Selection Aids
Best Practice & Self-Assessments
Models & Calculators
Document Templates

Forrester Leadership Boards

Fresh thinking and collaborative problem-solving through an unmatched combination of peer networking, forward-looking analysis, and professional guidance.

Consulting

Our expert analysts provide custom research-based frameworks to guide you through each phase of your critical business initiatives from identifying opportunity to optimizing results.

Community

Connect with peers and analysts, share your views, and ask questions on key business issues.

Blog

Forrester analysts weigh in on the latest business and technology news.

  • BROWSE
  • Register
  • Call +1 617.613.5730
  • Cart