Paul Ducklin and Chester Wisniewski take a look at the thorny issue of imposing password rules and regulations, in this audio episode, entitled Busting Password Myths.   Their discussion considers:

When should you (be forced to) RESET your password?

Is forcing "COMPLEXITY" (length, nature of characters, case) in passwords necessarily a good idea?

Is it okay to REUSE the same password for different sites/applications?


http://nakedsecurity.sophos.com/2012/03/11/busting-password-myths/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security