Anyone else work in an office that requires you to reset your passwords every 60 days or sooner?

[techgamer]

I completely understand the security reasons behind it, but still, its sort of annoying after a while especially if there are programs that arent all 'timed' the same so you are reseting them every other week or so. Just venting lol.

 

[krunchykrome]

Yea, it's annoying. I six different passwords I need to memorize (or record) that need to be changed very often.

 

[FoBoT]

45 days for the domain

 

[pyonir]

My last job had that. I had 5 different passwords and they all had to have a capital letter, lower case, number and special character. it sucked.

 

[RichUK]

You reset your own password every 60 days? J00 R cool.

 

[djheater]

Originally posted by: FoBoT
45 days for the domain

Here too.

The worst part is that we can't use any of our 12 previous.

I have 6 or 8 very good passwords that I cycle through, but then I have to make up stupid crap when I can't use those anymore.

Honestly I find it irritating and knowing our environment and my dept's situation, excessive.

Whatever...

 

[MmmSkyscraper]

Never had to do that, although some of our clients do cos they're so l337.

 

[FoBoT]

i have just started doing patterns on the keyboard, so i don't even really know what it is


like those cheats for nintendo, pick a starting key, then do 3R, 2U, 1L, 2D , something like that

 

[Goosemaster]

60...man...that's a long time

 

[OutHouse]

45 days here and we require strong passwords. all i do in increment the number in my pw by 1 and im good to go and easly remembered.

P@$$w0rd10#
P@$$w0rd11#

 

[Feneant2]

Luckily for me, windows 2000 allows me to reuse the same password.

3 years and running now

 

[trmiv]

Originally posted by: djheater

Originally posted by: FoBoT
45 days for the domain

Here too.

The worst part is that we can't use any of our 12 previous.

I have 6 or 8 very good passwords that I cycle through, but then I have to make up stupid crap when I can't use those anymore.

Honestly I find it irritating and knowing our environment and my dept's situation, excessive.

Whatever...

I've worked at a place with similar requirements. I found that in environments like that it was likely that the users had the passwords written on a piece of paper somewhere near or on their desk. So much for security.

 

[Zenmervolt]

Here's what I did: memorized a list of 6 different passwords (new passwords must be different from the previous 5), and then what I keep on my desk is a note with things like "Login: #1, ATS: #4, WFM: #1, etc". The numbers don't mean anything to anyone without the master list and the master list exists only in my head and isn't written down.

ZV

 

[pontifex]

we have nothing like that...yet. hell, most people have their names as their passwords...

i say yet, because with this new ownership, i think we'll be changing every 30 days. people here are going to be pissed. it not only this either, i think they're going to want us to really lock down a lot of stuff.

 

[Sphexi]

I have about 30 programs I login to that all expire at 30, 60, or 90 days, seemingly at random. Most I can set to all the same password with yet another program that resets them all at once. A few I can't. So at any one time I have about 8 passwords I'm using, sometimes as little as 4, or as high as 15.

 

[Vette73]

Originally posted by: pyonir
My last job had that. I had 5 different passwords and they all had to have a capital letter, lower case, number and special character. it sucked.

yea i work in State Dept and some of our passwords have to have at least 1 of each of those.

Needless to say they a very good "forgot password" program setup so you can reset it in a matter of minutes.

 

[indamixx99]

I know it's not very secure, but I just take my old password, and change the number and symbol at the end. So, if it ended in 2@, (2 and shift-2), i would end it in 3# (3 and shift-3), then 4$. How's that for originality?

 

[pyonir]

Originally posted by: Marlin1975

Originally posted by: pyonir
My last job had that. I had 5 different passwords and they all had to have a capital letter, lower case, number and special character. it sucked.

yea i work in State Dept and some of our passwords have to have at least 1 of each of those.

Needless to say they a very good "forgot password" program setup so you can reset it in a matter of minutes.

Yep, i worked for a government contractor. it was a DOD requirement AFAIK. The forgot password program we had through our help desk was pretty simple too. Most people have their PWs written down next to their computers anyway...of course. lol.

 

[BurnItDwn]

Hmm ...
Just going over my personal logins/passwords ....
Most are at least 60 days, but there are several that are less.

mainframe 1 ... every 30 days
mainframe 2 ... every 30 days
"safeboot" for off hours support laptop ... every 60 days
VPN for off hours suppotr laptop ... every 180 days
Unix login for about 50 different production servers (linked via GUARDIAN) ... every 42 days
Oracle Login ... every 60 days
Windows PC login ... every 180 days
Novell Login ... every 90 days
Remedy Application ... every 360 days
Lotus Notes ... password changes not enforced
Unix login to webserver (not linked via GUARDIAN) ... every 90 days
Unix login to X windows server (not linked via GUARDIAN) ... password changes not enforced
Corporate Web App (all apps linked via an internal proprietary DB) ... password changes every 30 days

Then there's about 75 other logins shared/controlled by all the members of the group I'm in ....
Ahhhh .... headache ....

 

[AmpedSilence]

I have to change my password every 60 days also, but i can't use any of my last 24 passwords.

At some point, in the name of security, things get out of hand and become completely UNSECURE. i think 3 last passwords is good. On most systems you can only try three times before it disconnects you or locks you out so what is the point of not allowing the last 6 or 12 or 24 passwords? It's not like the person trying to hack in is going to keep trying that many times.

 

[purbeast0]

I have 1 of these and it's pretty lame.

I can't change it to 1 of the 3 that I've used previously too. So I have 1 "main" password that I change up slightly.

It's annoying when I go to try and guess which one I currently have, then after my 3rd attempt at getting it wrong I have to talk to the HR lady because my account was locked and she has to reset it.

 

[Q]

My Dad does

 

[xdreadpiratedoug]

Used to work at a large financial company doing help desk support for internal users - we had a variety of around 300 total passwords. All had to be strong and changed every 90 days. A lot of the applications had to be logged into once every 15 days ... so don't freakin complain about 20 or 30 different logins!

 

[Vette73]

Originally posted by: pyonir

Originally posted by: Marlin1975

Originally posted by: pyonir
My last job had that. I had 5 different passwords and they all had to have a capital letter, lower case, number and special character. it sucked.

yea i work in State Dept and some of our passwords have to have at least 1 of each of those.

Needless to say they a very good "forgot password" program setup so you can reset it in a matter of minutes.

Yep, i worked for a government contractor. it was a DOD requirement AFAIK. The forgot password program we had through our help desk was pretty simple too. Most people have their PWs written down next to their computers anyway...of course. lol.

That can cost someone their job if someone from security sees it. I have TS like a lot of people so passwords are a big deal if you have it written down.

 

[Fritzo]

I do, but only because I have access to tools that can turn people's phone service off just by clicking the wrong thing. :Q