Pa$$word requ1rements- and Evil Controls

  • Creator
    Topic
  • #175793
    MCLKT
    Participant

    What the frick is up with all of these ridiculous and insane password requirements?!!

    I’m at work and can’t really vent to coworker’s because we are all trying to be more positive.

    YAY!

    But seriously?

    We already have 10-15 DIFFERENT systems that require passwords

    They all have different lifespans, 60-120 days

    must be longer than 12 characters

    must include letters numbers ONLY

    Or must include at least one special character

    Can’t repeat a password previously used

    The latest requirement that sent me over the edge: “Your new password must contain at least one number between the first and last characters. Please try again.” Are you freaking serious!? Like anyone was going to guess bananaHammock1!

    I know it’s important for controls (duh) but, like Cindy once said, once you start requiring so much the control actually stops working. Because what do we as users do? We *write* all of the programs/websites and passwords down so we can remember them.

    I’m so frustrated with getting locked out of systems!

    I can’t wait to get off work so I can go home and study FAR.

    A:[73]97 F:[74]85 R:86 B:[74]82
    *NINJA 10 Pt. COMBO & Yaeger*

Viewing 6 replies - 1 through 6 (of 6 total)
  • Author
    Replies
  • #393096
    Anonymous
    Inactive

    I know, it's a shame I have to have a spreadsheet to remember the 85 (yes you read that right) 85 different passwords that I have at work for different websites, computer programs, etc. And to top it off, I have to password protect the freaking spreadsheet!

    #393097
    MCLKT
    Participant

    YES! Me too. A secret: don't use the word “password(s)” anywhere in the spreadsheet. If, by chance, your computer is stolen/hacked the thief my do a quick search for “passwords”. Use a secret code word instead like “Peacocks”. Of course that isn't my word, but you get it 🙂

    A:[73]97 F:[74]85 R:86 B:[74]82
    *NINJA 10 Pt. COMBO & Yaeger*

    #393098
    Anonymous
    Inactive

    thanks for the tip!

    #393099
    mla1169
    Participant

    I use the “notes” in outlook for my passwords.

    FAR- 77
    AUD -49, 71, 84
    REG -56,75!
    BEC -75

    Massachusetts CPA (non reporting) since 3/12.

    #393100
    Noct
    Participant

    What I do (both personally and professionally) is create a password scheme that is easy for me to remember, but impossible for someone to guess.

    First, I have a base password which will meet the requirements of the strictest system (letters, numbers, caps, lowercase, special char, at least 15 characters, contains no real/slang/l33t words). I commit this base password to memory, then I modify it in some consistent way for each place that I register. For example, you could insert the first 3 letters of the website/company/server/database name into your base password. So if the base password is SD!ds3@2sq and you're logging into gmail, use SgDm!ads3@2sq.

    This will result in a different password for each place you log in. Note that using the same password in multiple places is a huge security risk. Hackers like to get users/passwords from low security sites like forums and then try them on high security sites (banks, online stores, etc.)

    Some systems may not allow special characters, so I just omit them from the base password.

    For systems which force you to change your password, I keep the same base password and change the position of the inserted characters. So using my gmail example, when SgDm!ads3@2sq expires, I would use SDg!mdas3@2sq.

    Never write down your logins. If you keep a spreadsheet of them, password the spreadsheet, and save it in an encrypted folder.

    FAR - 79 - 07/2012
    AUD - 65, 78 - 11/2012
    BEC - 76 - 11/2012
    REG - 78 - 01/2013
    ETH - 98 - 01/2013

    Material: Wiley books

    #393101
    red3biggs
    Member

    @mla1169

    This is what I do as well. I have a basic contact that only has notes and each 1 says what its for, and what it is.

    AUD: 8/17/2012
    REG: 4/29/2013
    BEC: 7/8/2013
    FAR: 1/16/2014

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.