Grr!! Do I REALLY need a case sensitive password 8 characters long??

Number one: IT’S 8 CHARACTERS LONG!! (up from six)

Number two: The password has to have BOTH upper AND lower case letters in it!!

Number three We can’t make up our own password. We HAVE to take the one you give us!!

Number four It has to change every three months now!!!

Listen security guys at work:

I’m not getting any younger here. I’ve already got a hundred f’n passwords floating around in my head already!!

If it weren’t for all these fuck’n passwords clouding up my brain, I’d probably be able to work out a viable plan for peace in the Middle East!

Also, did we really have a problem before with security breaches??

I think not!!

Even if we did, I think the very least you guys could have done is set it up so we can make our own f’n passwords! I mean how hard would that be??

I make my users do all the above except this one. So how does this work? Is it a system generated password? Do they email it to you?

I use a password generator to make eight character, no numerals, all lowercase pws. Essentially, I changed 'em and waited for them to ask.
As I go about my dreary daily chores, I see them on Post-its stuck to monitors.
:rolleyes:

And that’s what you are probably going to get if you don’t let users generate there own passwords.

My dad created a 24 length case sensitive numbers and charactor password for the admin account on his home computer. Alls he does with it is surf the net. He doesn’t buy anything over the net no tax information, nothing is on that box.

24 charactors.

He forgot it. Or errrr, screwed it up. Took me a couple of hours to figure out which upper case letter should be lower.

Probably.
The first guess would be pets, second depending upon age of the user, children’s name or grandchildren and third favorite color.
The really challenged use their name, perhaps with a number after it. That may be the safest, depending upon the number of digits they add.
I change it if they email a request. I just need to know what the darn thing is.

Heh. I got tired of using pet names. As we cannot re-use passwords for such and such a time (ran out of pets :slight_smile: ).

For work, I now take a SQL error code book, open it to a random page, and take the first three letters, the page number and then the last three letters on the page.

Pretty effective way to generate gibberish.

If I forget, all I have to do is remember the page number (or just put a sticky on the page) and my ‘code’.

My password for virtually everytihng is a word that I made up. It sounds plausible, and it could be in a science-fiction story, but nobody would ever guess it. So I have the best of both worlds: I always know it, and no one else ever does. Plus, it’s 9 letters long, and trivial modifications can be made to add non-alphanumeric characters.

This response has been brought to you by of the 13 year old script kiddies working for the Russian mob with offshore accounts.

System generated…

It would be easy to remember, but if someone gets the 'Dope passwords again, would they have your accounts elsewhere?

I’m too lazy to check, but SHAKES, I assume that you will not be one of the people piling on the next company that leaks a few million credit card numbers because of lax security?

That’s the same logic that doomed the Space Shuttle Columbia. All it proves is that you’ve been lucky in the past.

My work passwords have to be at least 8 characters, and include at least one of each of the following:

  1. lower case letters
  2. upper case letters
  3. numbers
  4. special characters (!@#$, etc)

Not only that, but the servers use a word checker to make sure that you’re not making a password out of a real word. If three or more consecutive letters form a word in the dictionary, the password is unacceptable. And that’s hard, because a lot of three-letter combinations are words.

And, of course, we have to change our passwords every 90 days.

So far…I win!

We do this at work also, plus we have to pass through about 5 security screens and have 3 different computer systems. We have all had to start writing them down in order to remember them! Gaaahhhh!

My beef with passwords is that different systems have different, non-compatible requirements. Some systems will not accept passwords longer than 6 characters; others insist on it. Some require a non-alpha character, others will not accept those. All of this makes it difficult to use the same pw everywhere.

Thanks Og for sticky notes. :slight_smile:

As far as not being able to reuse old ones, at a system where that was enforced, we found out that it stored only the last 6 passwords used. So when forced to change, we just changed it 6 times, then back to the original.

In my work I have a network password, a mail password, an intranet password, the password for the second intranet, the accouting software password, the extranet password, the image library password, the document storage password, the CMS password (x2), the FTP password (x 2) and the fucking mailserver password.

We have to change all of these every four weeks and never repeat a previous one - 8 digits, different case letters, and numbers. I can’t write them down for security reasons, so I’m in danger of losing the whole lot as my brain goes ‘pop’ and hundreds of digits and letters come pouring out of my ears and nose and mouth and eyes. Fuck.

On my company system you can recycle through 4 passwords. You have to change every 90 days, but it only remembers your last 3 passwords. Plus you can get away with your first password being abcde1. then abcde2, and after …4, you can start with abcde1 again.

So if your system is dumb enough, you can really get away with one password and a counter.

I have different passwords for most of my accounts, letters (both uppercase and lowercase), and numbers. But I use a Mandylion to hold them all. Left to my own devices, I pick simple, unsecured passwords.

Work generated one for me until I could change it. To get even with their ridiculous requirements (same as the OP), I just kept the original, for three years. When they changed the requirements (nine digits, including a “special character”) I just added a question mark.

I don’t really understand the logic. Apparently, using “potato” or “Fluffums” as a password is equivalent to handing the terrorists keys and a map. And of course no computer has yet been invented that could put together an eight- (or nine-)digit combination matching the password requirements. I suppose it’s like a hackers’ union: only serious hackers can break in; we don’t want wannabes who just walk in and guess.

Meanwhile, if I forget my ridiculous and illogical password, all I have to do is call in and tell them the name of my pet, which is a secret no spy could crack, unless they were friends or family or neighbors or had ever talked to me about cats.

So hackers the world over are now trying to get into your Dope account with passwords of “fluffy”, “spot”, “sweetums” and “killer”.
:slight_smile:

A computer program can autogenerate GH8v5YDpx3tM. A better computer program can auto-generate h3LLO w0r1D.

Passwords that people can’t remember except by writing them down on post-it notes are pretty damn useless.