A question for IT/ITish people about temporary passwords

Do you encounter people who are under the impression that a temporary password has magical properties too? I’d always been under the impression that grown ass adults understand that temporary means short-term, but over the past few years at work I’ve run into lots who express surprise that temporary passwords no longer function after you pick a permanent password. Then I have to explain that once you change your password, you have to use that password - the temporary one can’t be used instead of it.

Do I work with a special breed of idiot, or is this actually a common misconception?

I haven’t run across that weird little quirk with my users, but I wonder if some websites or web apps don’t contribute as there are some that can run you through their “I forgot my password” process, send you a new password and it’s simply a new password, rather than a use it once and be forced to change it temporary password.

Password complexity, however, confuses a lot of people, even when you tell them that their password must be between six and eight characters long, must start with a letter, must have at least one number and one “special” character. I’d issue a temp, and then hear them banging away, only to complain that the system said “bad password” Invariably, when I asked how long their new password was, they’d say something like ten or fourteen, to which I’d respond “is that between six and eight characters long?”

So, special idiots, then.

Special breed of idiots, yes. I call them “users”.

If I’m particularly cranky, they’re (l)users and they always lie.

Last week I was doing a screenshare with a remote user to troubleshoot a problem. They launched a web application and it asked for their login credentials, at which point they asked me, “What should I do?” Oh, the comments I could have made!