[Coco] Mystic BBS
ptaylor2446 at gmail.com
Sat May 2 18:59:39 EDT 2020
I also do not post anything about my bbs policies in public. IF you have a
concern you need to login to my system and leave me a private message on my
On Sat, May 2, 2020 at 12:20 PM John E. Malmberg <wb8tyw at qsl.net> wrote:
> On 9/30/2019 5:44 PM, phil pt wrote:
> > The password policy is set to force the user to change their psswords
> > 90 days. There is much more security feature that is included, but that
> > not public information.
> You are out of compliance with current NIST requirements and
> NIST studies have verified that password expiration results in more easy
> to crack passwords. So much more easier that NIST has banned the practice.
> See also:
> Recommended not to require special characters.
> Recommended not to require composition rules.
> I do not have a link handy, but there is an online copy of the study
> that NIST conducted.
> A lot of things that alleged security professionals have been claiming
> about creating secure passwords turned out to be actually more harmful
> than good in real world tests.
> This all aside from a password on a TELNET session is not secure from
> interception in route.
> As long as the accounts are "captive" and limited in what they can do,
> (No e-mail, shell, or direct web browsing / serving), or secret files),
> there is really not much need of stronger passwords.
> A higher risk is a bot creating accounts to post links that the spammer
> thinks will cause higher rankings of their pages.
> Coco mailing list
> Coco at maltedmedia.com
More information about the Coco