[organization] will be enforcing strong passwords to ensure that [network] logon passwords are compliant with current password policy. [network] password policy is based on recommended settings provided by the National Security Administration’s NT Security Technical Implementation Guide.
IMPACT TO CUSTOMERS: Each new password will be evaluated according to current [network] standards for robust passwords as itemized below. A new password that does not conform to these standards will be rejected and followed by a dialog box to explain why the password does not comply.
PASSWORD CRITERIA:
Passwords MUST:
1. Equal exactly 7 characters (no more, no less)
etc.
So, um, a password of a fixed length (rather than the much more common “at least 8 characters”) is strong security? Yeah, ok. Thank you for making it easier for crackers to break in. No reason to check for random length passwords, because they know they’ll all be the same length.
