Well, sure, but I was under the impression that pass phrases that were dozens of characters long were better than passwords. That being said, I've seen almost no institution using anything but your generic 8-16 character, 1 number, 1 capital, 1 special character, none of the past 4 passwords, password template.
I think there's issues with some of the older legacy Windows systems that will straight up truncate anything past 16 characters, so that could be contributing to the issue.
Getting people to move away from old habits is a long and painful process in IT, particularly if the IT folks aren't the ones with decision making authority.
Well, sure, but I was under the impression that pass phrases that were dozens of characters long were better than passwords. That being said, I've seen almost no institution using anything but your generic 8-16 character, 1 number, 1 capital, 1 special character, none of the past 4 passwords, password template.
I think there's issues with some of the older legacy Windows systems that will straight up truncate anything past 16 characters, so that could be contributing to the issue.
Getting people to move away from old habits is a long and painful process in IT, particularly if the IT folks aren't the ones with decision making authority.
I wonder what the limit is in active directory