The password dilemma
Feb. 13th, 2006 09:44 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
ambericaAll our passwords expire every 90 days. This is a problem for several reasons.
A STRONG PASSWORD MUST BE IMPOSSIBLE TO REMEMBER, MUST NOT BE WRITTEN DOWN, AND MUST BE CHANGED EVERY 3 MONTHS IN CASE YOU START REMEMBERING IT.
It's so weird. It sounds like a Dilbert cartoon, but it's real. Actually, it IS a Dilbert Cartoon. To wit:
- Coming up with a "strong password" is HARD!
- A strong password must have at least 1 capital letter, at least 1 lower case, at least 1 number, and at least 1 "special character" - plus they must be at least 8 characters long and must begin and end with a letter. And you may not have any dictionary words in them (English, technical, or other language), or any part or your name.
- All accounts must have different passwords
- I have a LOT of accounts just for work alone!
- We are not allowed to write down our passwords anywhere, nor may we keep them in a file on our computers.
A STRONG PASSWORD MUST BE IMPOSSIBLE TO REMEMBER, MUST NOT BE WRITTEN DOWN, AND MUST BE CHANGED EVERY 3 MONTHS IN CASE YOU START REMEMBERING IT.
It's so weird. It sounds like a Dilbert cartoon, but it's real. Actually, it IS a Dilbert Cartoon. To wit:
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
Definitely Annoying.
Date: 2006-02-13 10:34 am (UTC)a) make variations of the same password, by changing ordinary letters to 1337 letters
b) just add a number to the end of your word, e.g. "password1", "password2", etc.
c) Use the same two passwords and alternate them each time
For security purposes, I guess I would most likely recomment option a.
Re: Definitely Annoying.
Date: 2006-02-13 10:34 am (UTC)Re: Definitely Annoying.
Date: 2006-02-13 03:04 pm (UTC)I can't ever re-use a password unless it's been more than 5 cycles (15 months) since I used it.
I actually think option 2 might work pretty well, as long as my password ends with a letter, and doesn't actually include any actual words or parts of words or letters that are next to each other on the keyboard or repeating characters.
Like, I could do something like zrYp2d, and then zRyp3d, and so on... except more cryptic than that. They'd probably notice I was doing that and make me stop.
Stupid rules. :P