Adventures in implementing a strong password policy
Password authentication is high in the list of potential security vulnerabilities. In the October 2001 SANS/FBI Top 20 list [10], absent or inadequate passwords placed second. The revised SANS Top 20 list, first appearing in October 2002 [11], moved password vulnerabilities down to seventh place...