I tell you what really gets on my wick
the fact that i have to change my fucking windows password every couple of weeks and the fact that my new one must in no way bear any resemblance to any of the previous ones, must contain uppercase, lowercase and numerical characters, with a smattering of other characters chucked in, and must be at least 10 characters long. after a few times HOW THE FUCK AM I MEANT TO COME UP WITH ANYTHING I STAND THE REMOTEST CHANCE OF REMEMBERING? that combined with all the applications i need for my job having a similar security policy means there's no way i'm ever going to actually be able to do any work without having a password vault thing set up on my phone with an easy to remember password that renders the entire exercise pointless. if i set my password to wankycockwobble and keep it as that - WHERE's THE FUCKING HARM?


and breathe
(Alphabet Soap boshboshboshbosh, Mon 28 Sep 2009, 13:13, 16 replies)

Easy when you know how.
Two words separated by a number.

Apple01Orange
Apple02Orange

Usually keeps the system happy.
( Slippery Mick ‏, Mon 28 Sep 2009, 13:19, closed)

unless
as alphabet soap says, the new password must bear no resemblance to the old one.
( spesh., Mon 28 Sep 2009, 13:39, closed)

I know some evaluators are more stringent than others.
If it's that much of an issue then they should look into something else, like rsa tokens or smart cards to add another layer.
( Slippery Mick ‏, Mon 28 Sep 2009, 13:59, closed)

oh, don't worry
I've got 4 fucking RSA cards too and another software one on my work phone.
(Alphabet Soap boshboshboshbosh, Mon 28 Sep 2009, 14:05, closed)

I'm packing
Three RSA tokens, three call logging systems. Different windows, UNIX, and router logins. That's for local infrastructure.

Then a password safe password for the thirty fucking three networks I look after, with detailed login entries for all the different servers, routers, switches, firewalls, call managers in all these very different setups.

I remember when you could still use qwerty....
(Scritty Bakerman., Mon 28 Sep 2009, 16:41, closed)

I'm packing
Fudge
( flake has nothing against your right leg, Tue 29 Sep 2009, 1:14, closed)

Actually
You have a point.

I know the arguments about changing your passwords on a regular basis - I just happen not to agree with them. Yes, force strong passwords, but on most systems, forcing people to change their passwords is utterly pointless.

Cheers
( Legless Mister Stabby - shanks for the memory, Mon 28 Sep 2009, 13:21, closed)

exactly.
i like the method gmail etc use. type your idea of a password, it'll tell you if it's pathetic. mess about until you've got something unguessable - done.
(Alphabet Soap boshboshboshbosh, Mon 28 Sep 2009, 13:28, closed)

it's most annoying when it's not actually a password for security, but one for your profile and preferences
I remember someone moving to our office from another and was shocked and appalled that we had a list of everyone's passwords knocking around just in case they were needed.
( Vipros. clever got me this far, then tricky got me in, Mon 28 Sep 2009, 13:45, closed)

Mmmm
Complained about this once to our IT support, and was told "Write it down on a post-it and stick it on your monitor"

Defeats the point somewhat
( rofl harris, Mon 28 Sep 2009, 14:34, closed)

Rainbow Tables
Just search for that via Google, then you'll realise what you should be changing your password to...
(Mucky has squinted at the screen with one eye shut since, Mon 28 Sep 2009, 22:07, closed)

YES. Fucking hate this at work.
Currently working my way through 4chan memes...
( Maladicta, Tue 29 Sep 2009, 0:23, closed)

The true irony being...
... that we as the IT team don't change our passwords.

Depending on the network either a little 'password never expires' option gets ticked on my account or I change it every 2-4 weeks then go into AD and manually change it back to what it was.

Simples....
(Klynton, Tue 29 Sep 2009, 17:10, closed)

Our IT guy is nice
So when I said exactly that, he said "oh yeah, I didn't mean to set that stupid rule anyway." and fixed it :)
(xanthine, Tue 29 Sep 2009, 20:36, closed)

innit
I make myself think of bands or films that have a number in.
Like 2Unlimited was my last one.
( browser still relating boring anecdotes into a void on, Wed 30 Sep 2009, 12:26, closed)

My uni was similar
They decided that you should be changing your password semi regularly to stop anyone stealing your budget for the printer or looking at porn on your account or whatever.

My solution was simple, whenever it asked me for a new password, I would change it for a nice new complicated one to please the system, then head back into my user settings and change it back to the one I liked...

Both passwords were different to it satisfied our system, as it presumably didn't look any further back to compare, and really I can't think of anything much anyone could do with my university account that would actually bother me - all my files were backed up on USB and via email so I could work at home, so there as little of bother anyone could do to them...
(442, Wed 30 Sep 2009, 12:35, closed)