Uninformed: Informative Information for the Uninformed

Vol 7» 2007.May

Complexity Through Password Policy

A second weakness of MPF generated passwords is that without rotating or incrementing elements, they are not very resilient to password expiration or rotation policies. There exists a trade-off between increased password security via expiring passwords and MPF complexity. However, the trade-off is either to have both, or neither. The more secure option is to use both, however, this practice increases the complexity of the MPF potentially causing the it to not meet design goal number four.