Anyone else work in an office that requires you to reset your passwords every 60 days or sooner?

[techgamer]

passwords are great and all so someone cant get into your workstation and mess around. But unless you are in a government job or something with highly sensitive information is it necessary to have 12 character passwords with case sensitivty that cant be reused etc at a normal office job? I think its a bit unneccessary in certain situations.

 

[jandrews]

sheesh, that is too much, every 90 days here and I only have 1 password for everything on the domain. If you go too much more than that people will just write down their passwords and leave them at their desk.

 

[pyonir]

Originally posted by: Marlin1975

Originally posted by: pyonir

Originally posted by: Marlin1975

Originally posted by: pyonir
My last job had that. I had 5 different passwords and they all had to have a capital letter, lower case, number and special character. it sucked.

yea i work in State Dept and some of our passwords have to have at least 1 of each of those.

Needless to say they a very good "forgot password" program setup so you can reset it in a matter of minutes.

Yep, i worked for a government contractor. it was a DOD requirement AFAIK. The forgot password program we had through our help desk was pretty simple too. Most people have their PWs written down next to their computers anyway...of course. lol.

That can cost someone their job if someone from security sees it. I have TS like a lot of people so passwords are a big deal if you have it written down.

Oh i know. Still doesn't stop them. They are told it could cost them their job all the time...they still do it. lol

 

[OrganizedChaos]

3 weeks at my last job and you couldn't use the previous 5

 

[djheater]

Originally posted by: Citrix
45 days here and we require strong passwords. all i do in increment the number in my pw by 1 and im good to go and easly remembered.

P@$$w0rd10#
P@$$w0rd11#

Genius!

I'm sold...
Citrix for elite!

 

[Phoenix86]

Go complain to your IT people.

The ones with more complex password requirements. Oh, and for every password you have, they generally have 2. One for the system you are accessing, and an administrative account. They also have probably twice as many systems as they access meaning they can have as many as 4x the passwords of users who complain about passwords.

 

[HannibalX]

<----- Security Engineer for a way to big company...

90 days domain
30 days as/400
30 days payroll/exspense

 

[ravana]

Originally posted by: jandrews
sheesh, that is too much, every 90 days here and I only have 1 password for everything on the domain. If you go too much more than that people will just write down their passwords and leave them at their desk.

Same here & I can't reuse the passwords either....so I've had an interesting run of passwords, no resets.....yet.

 

[Phoenix86]

Originally posted by: djheater

Originally posted by: Citrix
45 days here and we require strong passwords. all i do in increment the number in my pw by 1 and im good to go and easly remembered.

P@$$w0rd10#
P@$$w0rd11#

Genius!

I'm sold...
Citrix for elite!

Microsoft uses "P@$$w0rd" for their training logins. 1 billion to 1 this has made it into brute force lists and is not much more secure than "password".

 

[ViviTheMage]

the best is when they do not allow you to repeat the past 20 or so passwords...so if you use like thepass you can never use any variation of it, haha... I love it! I have like 40 passwords -_-

 

[hydroponik]

Why not do this, when the earliest password expires, change all your other passwords to your new one. This way, you can use the same for anything you need to get into.

 

[UNCjigga]

Yeah I hate it...except I need to change passwords every 30 days and I cannot use any of the previous 24 passwords!

My passwords are typically ******01, ******02, etc.

At least we don't require strong passwords or hashing yet.

 

[Regs]

Yeah, I have about 3 different log-in's at work. One of those programs are SAP, and it so happened one day to tell me I needed a special character in my password and a number which completely screwed me up.

*&*ghhghgh555#@@@##$$

Ah I give up.

 

[Canai]

Just pick a random sting of capital, lowercase, numbers, and symbols that meets the minimum required length. Then when the reset comes, just add a few digits to it.

 

[TXHokie]

Originally posted by: indamixx99
I know it's not very secure, but I just take my old password, and change the number and symbol at the end. So, if it ended in 2@, (2 and shift-2), i would end it in 3# (3 and shift-3), then 4$. How's that for originality?

Hey that's my scheme!!! Only I use 3 numbers.

 

[jdoggg12]

We have to reset ours every 45 days. You cannot use the same one with 64 iterations, and there are 3 different systems and none of the systems are allowed to share the same password, or password history.

Its pretty lame

 

[DivideBYZero]

Originally posted by: BurnItDwn
Hmm ...
Just going over my personal logins/passwords ....
Most are at least 60 days, but there are several that are less.

mainframe 1 ... every 30 days
mainframe 2 ... every 30 days
"safeboot" for off hours support laptop ... every 60 days
VPN for off hours suppotr laptop ... every 180 days
Unix login for about 50 different production servers (linked via GUARDIAN) ... every 42 days
Oracle Login ... every 60 days
Windows PC login ... every 180 days
Novell Login ... every 90 days
Remedy Application ... every 360 days
Lotus Notes ... password changes not enforced
Unix login to webserver (not linked via GUARDIAN) ... every 90 days
Unix login to X windows server (not linked via GUARDIAN) ... password changes not enforced
Corporate Web App (all apps linked via an internal proprietary DB) ... password changes every 30 days

Then there's about 75 other logins shared/controlled by all the members of the group I'm in ....
Ahhhh .... headache ....

Single Sign-on. Now!

 

[imported_Imp]

For the past 2 summers yes. The real pisser is that they make you change the password to something different. I always get confused which one's which even when typin passwords elsewhere.

 

[her209]

Biometric FTW!

 

[spidey07]

Originally posted by: Imp
For the past 2 summers yes. The real pisser is that they make you change the password to something different. I always get confused which one's which even when typin passwords elsewhere.

That's what excel is for. Just keep a spreadsheet of all your passwords. Change your password, update the sheet.

 

[sestrugen]

have 6 passwords, have to change them every 45 days, cant be the same as 12 used before, needs to be 6+ chars up and to include upper case, lower case, number and special characters

just another annoyance

 

[jmanny]

Yes and it is a PITA. None ever link up like they are supposed to so I end up having 6 or seven different passwords.

 

[Rubycon]

Our passcodes have a 90 second half life. We have to carry around this little FOB that has a 10 digit display. At least it has a little pinwheel icon that shows the "life" in the current code so it doesn't tumble in the middle of typing it in! :laugh:

 

[alkemyst]

90 days, can't use the same password within 540 days.

 

[RadiclDreamer]

Previous 12 is going a bit overboard, 1-2 is fine but anything more than that and your admin is just begging for someone to post their password on their monitor