Password nonsense

So, my employer has just published their new standards for network & system passwords:

  • Minimum 15 characters
  • 2 numbers
  • 2 special characters (!, @, #, $, %, &, *, +, etc.)
  • 2 lowercase letters
  • 2 uppercase letters

Password will be changed every 60 days.

While I personally feel that these security folks are just a tad over-zealous, I think that they are missing opportunities for additional elements.

So, here are my suggestions to make the passwords even more secure. The password should also contain:

  • A high pitched squeal
  • A shade of aquamarine
  • A yoga position
  • A flavor of gravy
  • Hair

Feel free to add your own suggestion…

No DNA sample? And they call that secure?

Obviously the passwords may not be written down anywhere; passwords may not closely resemble the previous several; and users must log off at the end of their shift.

Now for the “more secure” fun:

  • Non-ASCII characters.
  • Two-factor authentication with a continuous blood sample. (Keep your finger on the needle, or the system kicks you off.)
  • Must switch desks / workstations every few hours.
  • No cell phones on company property. Not even kept in your car.

The numbers have to be transcendental and imaginary.

That was my last client - for real.

All passwords must be in Klingonese.

I’ve dealt with the same requirements, with the addition of NO DOUBLES! So you can’t have BB or bb, but you can have Bb or bB. Fine. Whatever.

I’ve seen some where they won’t permit any sequential characters or numbers either. And, of course, no dictionary words within…

And a captcha if you mess your password up even just once!

At least one character from each of these Unicode groups (and how you input them is your problem):

Aegean Numbers
Alchemical Symbols
Armenian
Balinese
Bopomofo
Braille Patterns
Byzantine Musical Symbols
Cherokee
Chess Symbols
Coptic
Cuneiform Numbers
Devanagari
Dingbats
Domino Tiles
Glagolitic
Hangul Jamo
Hiragana
Inscriptional Pahlavi
Khmer
Lycian
Lydian
Mahjong Tiles

and I’m only halfway through :)

A randomly-assigned sketch by Leonardo Da Vinci

Gold leaf

One or more wavelengths of electromagnetic radiation

Dead pixels

An aroma or flavour

Ants

Lego bricks of at least two different colours and shapes

Antimatter

Include a two-bar sung excerpt (on pitch and in the correct tempo) from anywhere in the tenor part of the “Hallelujah Chorus” from Handel’s Messiah.

Include DNA samples from both parents and all grandparents.

Must log in in the presence of four armed witnesses, all vouched for by the Secret Service, U.S. Marine Corps, and TSA.

And if a call comes through the switchboard for you that caller ID identifies as “wikileaks” you are in major shit.

Retinal scan while standing on a scale.

Ain’t it wonderful, how safe our information is now? I spend a great deal of time logging on to post a few minutes worth of work several times per day.

Log on to computer, log on to Citrix and hope the system at the main office is up and running, log onto my personal desktop settings and do a little work. Phone rings or other distraction occurs. System time-out, you must now log back on through three levels of security and start again.

It’s slow, cumbersome, ineffective, but hey, it’s government work. I seriously believe that most of my work day is spent, not in useful work, but in logging on and off of our highly paranoid system.

A movie cell from The Day The Clown Cried
A hair from Hitler’s missing testicle
A Slinky made from Unobtainium
A bottle of good French beer

My account is so secure that I can’t even get into it myself half the time.

Voice authentication. Which must be German, but spoken in French. Ask the most interesting man in the world for advice on accomplishing this.

A hazy shade of winter.

It has come to our attention that Computer Scientists and Mathematicians have proven that the maximally secure password (MSP) is b&f4g^6k(9s#dQ.:.
As of this notice, all employees are required to immediately change their password to the MSP.

Passwords must be changed every 30 days. Since there is only one MSP, when your password expires, you must notify IT, who will reset your password to your employee number. You will then be required, at first logon, to reset your password to the MSP.

A bout of deja vu
Snot in the back of the throat
A cute picture of a kitten
A John Cage composition played on roasted marshmallows