For Security & Risk Professionals

Breaking Down Entropy And Passwords

Understanding The Fundamentals Of Effective Password Policies

    Why Read This Report

    Protecting access to information technology assets by using passwords is as old as the concept of IT security itself. Today, passwords remain a popular means of authentication. Each service guarded by user passwords has a password policy that determines the strength of the password against brute-force attacks. Establishing the right password policy for your organization requires you to understand your risk profile as well as the fundamental information-theoretical concepts that determine the password strength. This report breaks down these concepts in the framework of the National Institute of Standards and Technologies' (NIST's) authentication levels. Information security professionals can adapt the fundamentals to their policy work to determine the appropriate password length and fail-retry limit for the risk they are facing.
    US $ 499
    Become A Client

    Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

    Already A Client?
    Log in to read this document.

    TABLE OF CONTENTS

    • User Password: A Common Security Control Often Taken For Granted
    • The Right Password Policy Requires An Understanding Of The Fundamentals
    • Choose The Proper Password Length And Retry Limit For Your Risk Profile
    • RECOMMENDATIONS

      Entropy Is Your Friend — Get To Know It!
    • Related Research Documents