[ale] Password standards

[Chris Fowler]

On Tue, 2011-10-18 at 15:16 -0400, JD wrote:
> I though most security conscious organization had switched to
> certificate-based authentication a few years ago wherever they could,
> and used a smart-card with a PIN/passphrase to access the certs. 

Not every device uses certificates or smart cards.  Most sites you use
on the Internet still use user/password combos.