>>...Why not allow longer passwords? Just checked lengths of my passwords for different web-sites ( not just IDZ ) and most of them only 12 characters. Here is a question: Would I use longer passwords? My answer to myself is No unless I'm forced to use longer passwords. PS: I see that in Yahoo case it was absolutely not important what Yahoo's rule for password lengths was since hundreds of millions of passwords were stolen anyway.

@Hal:

Thanks, I appreciate passing it on.

@Sergey:

I am asking Intel to allow longer than 15 characters passwords, not to enforce them so your question whether you would use them is not relevant -- you don't have to (but you would be wise to do so).

Also, I can list you some terrible 12 character passwords right here -- for example Mypassw0rd1! meets Intel complexity rule, but it is broken in mere seconds because it has only 41 bits of entropy.

Rationale for my request is:

1. So many passwords have been leaked that all passwords up to and including 12 characters are no longer considered safe.
2. Minimum length should be increased from 8 to 12
3. People are terrible at generating secure passwords, that job should be done by password managers.
4. Since we all should use password managers it doesn't matter whether it is 15 or 20 characters, it's not us remembering them.
5. Even memorizing and typing 20 char [a-zA-Z0-9] password if you do not use password manager (and you should be by now) is easier than typing 15 char password with special characters and because of length it still has more entropy and is therefore more secure / harder to crack.

As for Yahoo, do not confuse operation security with password rules. Yahoo had a security breach which has nothing to do with password rules.

>>...So many passwords have been leaked that all passwords up to and including 12 characters are no longer considered safe. It is good to know. What do you think about cases when companies store in their databases unencrypted MD5-signatures of passwords instead of encrypted passwords ( without MD5 signatures ). I've been thinking about a small R&D work related to that subject for some time. It has to be not too difficult to figure out what a password is if an MD5-signature is known.

I have heard that some private organizations use a combination of MD5 & their own hashing algorithm to store passwords (in that order) so that secrecy can be maintained. I was wondering if this could be the solution to the problem or if we could just run multiple hashing algorithms a bunch of times. 

@Igor Levicki

Sounds pretty strict to me. I mean the password policy, but then again, one could make a weak password even after following all the rules. 

>>...I have heard that some private organizations use a combination of MD5 & their own hashing algorithm to store passwords... If these private organizations doesn't encrypt MD5 signatures, stored in their databases, then these systems could be compromised if MD5 signatures are stolen. It is not too difficult to reconstruct a source string of characters from already existing / known MD5 signature.

>>...Sounds pretty strict to me. I mean the password policy, but then again, one could make a weak password even after following >>all the rules. If strong passwords are forced then it won't be possible to create a weak one. Try to create a password '1234567890abcde' on well known websites.

>>...Try to create a password '1234567890abcde' on well known websites. Google reports for Gmail email service: Password strength: Good As you can see strong passwords are not forced so far.

To answer your questions: 1. Yes, you can create a bad password even when you follow the password rules. An example: "My1PasswordBad!" is 15 characters, has upper and lower case, numbers and special characters just like Intel requires, but the entropy is only 58 bits. "1234567890abcde" is even worse, with entropy of only 15 bits. Google's password strength indicator is terribly bad if it claims that password is any good. And that is exactly why you should let password manager like KeePass generate and remember 20 character password for you like it does by default for new database entries. The trouble is, Intel does not allow 20 characters hence this thread. 2. Any company storing unsalted hashes and not using PBKDF2 or bcrypt is irresponsible and should be criminally liable if (when?) passwords are compromised. 3. No need to research MD5 hashes, that has already been done on a massive scale -- Google "md5 rainbow tables". Finally, let me point out that just two days ago there has been another breaktrough -- first successfull SHA1 hash collision was demonstrated (http://shattered.io/), and it lead to corruption of WebKit SVN repository due to the way SVN handles file hashes which took quite some time to repair.

Sergey Kostrov wrote:

>> If these private organizations doesn't encrypt MD5 signatures, stored in their databases, then these systems could be compromised if MD5 signatures are stolen. It is not too difficult to reconstruct a source string of characters from already existing / known MD5 signature.

Wait, really? But aren't these hashing algorithms are designed to make sure that they cannot be reversed in any practical way? Being one way and all. I mean, if it was upto me then I would probably run a hash 5 to 10 times and keep the key somewhere hidden and isolated in another offline server.