And write it on a Post-It

I’ve kvetched about passwords before, but the demands keep escalating, as poor Smitty discovers:

Please enter your old password and a new password in the spaces below using the following password rules:

The password must be at least 14 to 30 characters long.
The new password must differ from the old password by at least 4 characters.
Passwords ARE case sensitive.
Special Characters are allowed in the password with the exception of the single quote (‘), double quote (“), and less-than sign (<).
The password must contain at least:

  • 2 uppercase alpha characters [A-Z]
  • 2 lowercase alpha characters [a-z]
  • 2 numeric characters [0-9]
  • 2 special characters [ ~!@#$%^&*()-_+={}[]:;,>/ ]

The password must not:

  • contain spaces
  • contain the single quote (‘), double quote (“), or the less-than sign (<)
  • be the same as your user-id

How about B!teM3;Ucr@pwease1?

(Note to any and all sysadmins: If this shows up on your password list, well, I tried.)





2 comments

  1. fillyjonk »

    3 April 2009 · 8:55 am

    Well, a person could always buy the handy little notebook seen here: http://www.basbleu.com/cgi-bin/hazel.cgi?randomizer=1007875264&action=detail&item=UC4182 (links don’t work)

    But of course, if someone were to break into your home/office, wouldn’t one of the things they’d grab be a book labeled “IMPORTANT CONFIDENTIAL INTERNET PASSWORDS”?

    Me? I’m waiting for retinal-scan technology to become widespread.

  2. Francis W. Porretto »

    3 April 2009 · 12:36 pm

    Password complexity enforcement is a well-meant attempt to guard against “social engineering.” Too many users are willing to tell even a complete stranger enough about themselves to enable that stranger to guess any easily remembered, non-complex password. Unfortunately, complexity rules have their own drawbacks, as we have seen.

    Biometric identification — fingerprints, retinal scan, DNA matching, and the like — would be a partial solution…until thieves started gouging out eyes and cutting off thumbs to break into their victims’ ATM-enabled accounts. The problem is stiff and won’t go away soon. Just like human venality.

RSS feed for comments on this post