SIGforum.com    Main Page  Hop To Forum Categories  What's Your Deal!    Password Rules SUCK
Page 1 2 3 
Go
New
Find
Notify
Tools
Reply
  
Password Rules SUCK Login/Join 
Spread the Disease
Picture of flesheatingvirus
posted
Not only does this shit expire 47,125 times per year, but now it must:

Be a MAXIMUM of 32 characters long
Be a MINIMUM of 8 characters long
Contain at least 1 uppercase letter
Contain at least 1 lowercase letter
Contain at least 1 number
Not contain dictionary words
Not contain spaces
Not be one of the last 4 passwords used
Not be one of the passwords that were used in the past 8 days.
May contain any of the following special characters:
~, !, @, #, $, ^, *, (, ), _, +, =, -,?,,,.

Are you goddamn kidding me? No words in the dictionary? I only have to remember 1.2 x 10^3 passwords for at work and outside work, so what's one more jacked up one? Mad

I'm about to put my fist through this computer screen. Maybe it could take a DNA sample after that and log me in that way?


________________________________________

-- Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past me I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. --
 
Posts: 17746 | Location: New Mexico | Registered: October 14, 2005Reply With QuoteReport This Post
Prepared for the Worst, Providing the Best
Picture of 92fstech
posted Hide Post
Could not agree more!!!! This has been driving me nuts lately, along with everything going to 2-factor authentication and requiring a text or phone call to log in. I freaking hate it!

I pretty much have to go through the "forgot my password" process every time I log into anything anymore because they keep making me change it so often and the requirements are so complex I can't remember any of the new ones.
 
Posts: 9551 | Location: In the Cornfields | Registered: May 25, 2006Reply With QuoteReport This Post
A Grateful American
Picture of sigmonkey
posted Hide Post
Please enter password.

cabbage

Sorry, the password must be more than 8 characters.

boiledcabbage

Sorry, the password must contain 1 numerical character.

1 boiled cabbage

Sorry, the password cannot have blank spaces.

50fuckingboiledcabbages

Sorry, the password must contain at least one upper case character.

50FUCKINGboiledcabbages

Sorry, the password cannot use more than one upper case character consecutively.

50FuckingBoiledCabbagesShovedUpYourArse.IfYouDon’tGiveMeAccessImmediately

Sorry, the password cannot contain punctuation.

NowIAmGettingReallyPissedOff50FuckingBoiledCabbagesShovedUpYourArseIfYouDontGiveMeAccessImmediately

Sorry, that password is already in use.




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
 
Posts: 44685 | Location: ...... I am thrice divorced, and I live in a van DOWN BY THE RIVER!!! (in Arkansas) | Registered: December 20, 2008Reply With QuoteReport This Post
Member
posted Hide Post
They make them so complicated you have to write them down.

One system I use now requires a one time pass code sent to your email before you can log in. That code may come in 3 seconds or 10 minutes.

System X requires a new password every 60 days. Then there is another system Y where I can get the same information as system X but in a different format but never have to change the password in 15 years.


 
Posts: 5489 | Location: Pittsburgh, PA, USA | Registered: February 27, 2001Reply With QuoteReport This Post
W07VH5
Picture of mark123
posted Hide Post
Check out Bitwarden. Ask if it’s allowed in-house.

Also, look into yubikey. And SSH.

Passwordless login makes more and more sense every day.
 
Posts: 45674 | Location: Pennsyltucky | Registered: December 05, 2001Reply With QuoteReport This Post
"Member"
Picture of cas
posted Hide Post
And how. Had the same password on your site for 24 years, suddenly it's a security issue?

Use a VPN for security. Only, all the sites I need the security on freak out when I try to log in through the VPN.

And it's been said many times before by many people, but when I was a kid, I never would have imagined in the future, just how much time I would spend every day trying to convince computers that I wasn't a robot.
 
Posts: 21500 | Location: 18th & Fairfax  | Registered: May 17, 2003Reply With QuoteReport This Post
Prepared for the Worst, Providing the Best
Picture of 92fstech
posted Hide Post
The internet as a whole kinda sucks these days. I only go to a few sites on a regular basis, but I was trying to do some research on tablets yesterday, and was really annoyed by all the crap on webpages that makes them take forever to load, even over a broadband connection. A lot of the reviews I found read like they were auto-generated by a computer or put together by some Chinese spammer. And don't get me started with all the ads...and the code that blocks access to sites unless you disable your adblocker....even local news sites and the local private college's athetics site have that crap now. It pretty much guarantees that I won't be visiting your site...but it' still annoying.

I'm a child of the late 90s, and I remember the early days of the internet when stuff was free and people shared information just because they could. Sigforum is one of the few places that is still that way, and it's one of the reasons I love this place.
 
Posts: 9551 | Location: In the Cornfields | Registered: May 25, 2006Reply With QuoteReport This Post
Member
posted Hide Post
Password = "My-desklamp-is-11-inches-tall". Set the height to whatever month you're in.

The games we have to play just trying to get some work done... Frown


===
I would like to apologize to anyone I have *not* offended. Please be patient. I will get to you shortly.
 
Posts: 2135 | Location: The Sticks in Wisconsin. | Registered: September 30, 2012Reply With QuoteReport This Post
Member
posted Hide Post
After getting daily e-mails from Shee-Dee-Ern-Ern for many years, they finally had something I wanted to order.

I quit after five or more tries to create a password for a new account. Tried calling, they're closed on Sunday.

If I cxan place the order on the phone tomorrow (emphasize "IF") I'll refer them here and direct them to SigMonkey's rant.


--------------------------
Every normal man must be tempted, at times, to spit on his hands, hoist the black flag, and begin slitting throats.
-- H L Mencken

I always prefer reality when I can figure out what it is.
-- JALLEN 10/18/18
 
Posts: 9435 | Location: Illinois farm country | Registered: November 15, 2008Reply With QuoteReport This Post
Member
posted Hide Post
Keepass

Also, what surprises (and sometimes scares me) is that I'm still able to remember most of the passwords I use.

EDIT: That said, it always makes me happy when you have a self service function for passwords which you don't use all the time.

No need to keep it, just reset it when needed. Wink
 
Posts: 184 | Registered: September 19, 2012Reply With QuoteReport This Post
Member
Picture of IndianaMike
posted Hide Post
At work we now have 2 step verification. We receive a text or phone call with a 5-digit passcode.
 
Posts: 1652 | Location: NORTHEAST INDIANA | Registered: August 18, 2006Reply With QuoteReport This Post
Member
posted Hide Post
Get thee a password vault such as BitWarden. I use that one and it can randomly generate passwords customized for the set of rules you need.

This will allow you to store and organize innumerable credentials (along with authenticator and encryption keys) so you only need remember one strong password, the one to access the vault.

Thanks to the password vault, all of your accounts, even ones that don't really matter can have strong passwords you don't need to write down anyplace and which are protected from snooping by encryption.


-------------
$
 
Posts: 7655 | Location: Mid-Michigan, USA | Registered: February 17, 2006Reply With QuoteReport This Post
"Member"
Picture of cas
posted Hide Post
Grrr.... just tried to log in to Ebay. They're forcing me to reset my password. 4th time in three weeks!? (again, after having the original for 20+ years without issue) I just bought and paid for something last night, now this shit again.
 
Posts: 21500 | Location: 18th & Fairfax  | Registered: May 17, 2003Reply With QuoteReport This Post
Member
posted Hide Post
I have an Excel spreadsheet with all my 300+ passwords. Lately some sites do not allow a copy & paste. That means I have to change the password to something simple that I can remember after I look it up. More secure?


__________________________________________________

If you can't dazzle them with brilliance, baffle them with bullshit!

Sigs Owned - A Bunch
 
Posts: 4371 | Location: Nashville, Tennessee | Registered: December 16, 2004Reply With QuoteReport This Post
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
quote:
Originally posted by cas:
Use a VPN for security. Only, all the sites I need the security on freak out when I try to log in through the VPN.
quote:
Originally posted by cas:
Grrr.... just tried to log in to Ebay. They're forcing me to reset my password. 4th time in three weeks!?

Do the math.

I've never had eBay demand I create a new password. I just logged-in. They asked me to verify a couple pieces of information. When I changed my phone number from "landline" to "mobile," they texted me a verification code. No biggie.

As for the more stringent verification requirements: If any of y'all operated your own servers on the Internet, and did regular log analysis, you'd see, for yourself, just how nasty things are. I run an insignificant, personal site. It, and the accounts on it, are under constant attack, 24x7x52.

Examples:

I just tossed an entire Microsoft /10, over four million IP addresses, into a blacklist because I was tired of seeing attacks from IPs in it. (They were never going to succeed. I was just tired of seeing it in the reports.)

My mail server rejected 91% of attempted email deliveries in the last twenty-four hours. 84% of those where from 109 different IP addresses spread all over the Internet. Which means somebody's launched a new 'bot farm to send spam/scam email. Odds are every last one of those is a compromised MS-Windows PC or IoT device.


As for having to have all those credentials: Get a damn password manager, fer crissakes

This...
quote:
Originally posted by Anush:
I have an Excel spreadsheet with all my 300+ passwords.
... is unwise.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26029 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
Spread the Disease
Picture of flesheatingvirus
posted Hide Post
quote:
Originally posted by Anush:
I have an Excel spreadsheet with all my 300+ passwords. Lately some sites do not allow a copy & paste. That means I have to change the password to something simple that I can remember after I look it up. More secure?


Yeah, but how do you remember the password to open the spreadsheet??


________________________________________

-- Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past me I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. --
 
Posts: 17746 | Location: New Mexico | Registered: October 14, 2005Reply With QuoteReport This Post
I Deal In Lead
Picture of Flash-LB
posted Hide Post
I did jobs all over the U.S. for Homeland security and other agencies/companies.

I frequently had a need to get into something they had passworded and when it came up, I'd place a call to get someone down to open things up for me.

They'd typically take their time, so I'd look under keyboards, on pull out typewriter stands, places like that and 9 times out of 10 I'd find a password somewhere and used it to get access.

Failing that, I'd use something much simpler and that worked frequently also.
 
Posts: 10626 | Location: Gilbert Arizona | Registered: March 21, 2013Reply With QuoteReport This Post
Member
posted Hide Post
I have had to buy an address book just to keep passwords in. It's a pain in the ass having to keep all those passwords.


I have been where you fear to be
I have seen what you fear to see
I have done what you fear to do
All these things I have done for you.
 
Posts: 16 | Location: Fairhope, Alabama | Registered: December 28, 2017Reply With QuoteReport This Post
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
quote:
Originally posted by IMPD2079:
I have had to buy an address book just to keep passwords in.

Yikes

Very bad idea, IMO. Worse idea than a spreadsheet or plain text file. If that one paper journal should be lost, damaged, or, worse, stolen: You may find yourself in a world of hurt.

My wife used to do that. Kept mis-placing or mis-recording info. (Part of it was she'd scribble it down on whatever was handy, intending to put it in her book later, then...) Took a few times of that before I finally convinced her to use a password manager app and put everything in it right away. Now she no longer has those problems. Same with one of my sisters-in-law. My nephew, her son, finally convinced her.

It's a new world, guys. There's no way around it, short of getting entirely, or nearly entirely off the grid. It's nearly a necessity to have on-line accounts. It is absolutely necessary that each have as unique and distinct credentials as possible, with hard-to-guess passwords or pass-phrases. This necessitates having some way to keep track of them all. IMO, the best way to do that is an electronic password management application.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26029 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
Thank you
Very little
Picture of HRK
posted Hide Post
quote:
Yeah, but how do you remember the password to open the spreadsheet??


simple, tape it to the bottom of your keyboard, everyone knows that Big Grin
 
Posts: 24650 | Location: Gunshine State | Registered: November 07, 2008Reply With QuoteReport This Post
  Powered by Social Strata Page 1 2 3  
 

SIGforum.com    Main Page  Hop To Forum Categories  What's Your Deal!    Password Rules SUCK

© SIGforum 2024