Main > Everything Else
Password requirements are getting ridiculous
patrickl:
It's also super annoying when they ask you to change the password often. A client of mine has a policy that every month the password needs to be changed. I don't go there that often so I almost need to change my password everytime I go there. And of course the next time I go there I have forgotten what it was. Well by now I fixed the problem, but still. It was pretty annoying.
I use two programs to overcome the problem.
I use Norton 360 and it keeps a record of all the logins and password I use. When I come on the same page it fills in the passwords automatically. Much like webbrowsers usually do. Only when I start the brower for the first time does it ask me to log in so it can reach the password file. Actually, I wish they would make it a standard feature of webbrowers. These are already able to fill in forms automatically, but that's ridiculously unsafe. Why not ask for a password to protect this functionality?
I also use eWallet to store logins and other personal info. Not so much for websites anymore though. This I also take with me on my smartphone/PocketPC.
ChadTower:
--- Quote from: leapinlew on September 18, 2008, 12:27:47 pm ---Do yourself a favor and don't work for any government institutions. Your not allowed to write them down and you'll need to remember a ton of them...
--- End quote ---
People write them down anyway. Hell, people write them on postits and stick them to their monitors.
boykster, a lot of enterprise apps use the fact that they are internal only as a layer of security. Sure, the backdoor may be there, but to use the backdoor you have to have already compromised the network somehow. That's why they use LDAP - the assumption that if you're logging in you are already in a "secure" location and thus the challenge doesn't need to be all that deep.
CheffoJeffo:
--- Quote from: ChadTower on September 18, 2008, 10:45:18 am ---
--- Quote from: shmokes on September 18, 2008, 10:37:06 am ---It sounds like you are finally beginning to appreciate my problem, actually.
--- End quote ---
I appreciated it when you first posted it... and I have been suggesting using an old school method to solve a new school problem. Some things are best kept physically secure and completely separate from the medium. Things like password managers are only as secure as the hacker's abilities and motivation allow it to be.
--- End quote ---
Let's see ... so far you have suggested writing down passwords on paper and common authentication schemes as good security practices.
I know that you have done a lot of things in your life, but I think that data security, like hauling MDF, ain't one of them. ;)
I'll put my properly-encrypted password management repository up against both paper and central authentication every day of the week.
missioncontrol:
--- Quote from: leapinlew on September 18, 2008, 12:27:47 pm ---
--- Quote from: shmokes on September 18, 2008, 12:26:51 pm ---
--- Quote from: punxrus on September 18, 2008, 11:59:24 am ---Random password generators are good for people like you. They do all the hard work for you. It sucks that people are making so many requirements for passwords, but it's better to be safe than sorry. Especially if you are prone to using the same password for everything...
--- End quote ---
I don't have a problem generating the passwords. My problem is remembering them.
--- End quote ---
Do yourself a favor and don't work for any government institutions. Your not allowed to write them down and you'll need to remember a ton of them...
--- End quote ---
yeah and they have to be changed every 60 days.
Dartful Dodger:
If I don't use the site every day or if I can be logged in all the time and lose my cookies I usually have to click on forgot password and have them email a new one.
I think that's happened to me a couple of times with this site.
now all I have to remember is the passwords for my email accounts.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version