Most suffocating password policy ever

[acemcmac]

This is for an employer's recruitment portal

Please note that the password must respect the following rules:

* It must contain between 7 and 32 characters. Use only characters from the following set: ! # $ % & ( ) * + , - . / 0123456789 : ; < = > ? @ ABCDEFGHIJKLMNOPQRSTUVWXYZ [ ] _ ` abcdefghijklmnopqrstuvwxyz { | } ~
* It must contain at least 1 lowercase letter(s) (abcdefghijklmnopqrstuvwxyz).
* It must contain at least 1 capital letter(s) (ABCDEFGHIJKLMNOPQRSTUVWXYZ).
* It must contain at least 1 numeric character(s) (0123456789).
* It must not contain your user name.
* It must not contain your email address.
* It must not contain your first name.
* It must not contain your last name.

none of my passwords fit that

letter, symbol, letter, letter, letter, letter, number, number = rejected no caps, rejected symbol not onlist

letter, letter, letter, letter, letter, number, number, number = rejected no caps

:|

If their recruitment portal is this anal, I wonder how bad it is to work there. The office complex is within visual distance of the meadowlands complex. I seriously doubt that it would be worth the trouble :thumbsdown:

 

[MikeyIs4Dcats]

Fvcky0u


should work jut fine.

 

[acemcmac]

Originally posted by: MikeyIs4Dcats
Fvcky0u


should work jut fine.

hmmmm

 

[AMCRambler]

Hoooweee that's a good one. You must have Mordak The Preventer of Information Technology as your network admin, haha.

 

[TallBill]

Not even close.

Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)

 

[iroast]

!!aaAA00

 

[BCYL]

We have a similar policy for our systems, in addition we must change our passwords every 30 days AND you cannot repeat the same password for 12 months

 

[acemcmac]

Originally posted by: AMCRambler
Hoooweee that's a good one. You must have Mordak The Preventer of Information Technology as your network admin, haha.

No, this is for a place I thought I wanted to apply to work

 

[Cooler]

Make the First Leter cap and use a word followed be a number

example.

Hello123

In my office we have to change our every 4 weeks and they never can be the same.

 

[simms]

It's not that hard.

asD8ckdf

 

[TallBill]

Just make sure you write it on a post it note and stick it to your screen so you dont forget.

 

[saxophonoia]

That's pretty much exactly what ours is.

 

[Kenazo]

Originally posted by: BCYL
We have a similar policy for our systems, in addition we must change our passwords every 30 days AND you cannot repeat the same password for 12 months

Although I understand the reasons for such a policy, I bet it ends up being less secure b/c employees are just going to write their PW on a stickynote and have it in their desk. If it wasn't changing all the time they'd actually be able to remember it.

 

[mundane]

Originally posted by: TallBill
Just make sure you write it on a post it note and stick it to your screen so you dont forget.

:thumbsup:

 

[Armitage]

Originally posted by: TallBill
Not even close.

Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)

That's similar to the rules at some places I've worked. In addition, they regularly run dictionary attacks against the password files using several languages including Klingon and various slang dictionaries.

 

[acemcmac]

Originally posted by: saxophonoia
That's pretty much exactly what ours is.

A reasonable policy should not require more than two out of the following three: numbers, caps, symbols

 

[Gand1]

Originally posted by: diegoalcatraz

Originally posted by: TallBill
Just make sure you write it on a post it note and stick it to your screen so you dont forget.

:thumbsup:

And put it on your monitor and/or under your keyboard!

 

[CVSiN]

Originally posted by: acemcmac
This is for an employer's recruitment portal

Please note that the password must respect the following rules:

* It must contain between 7 and 32 characters. Use only characters from the following set: ! # $ % & ( ) * + , - . / 0123456789 : ; < = > ? @ ABCDEFGHIJKLMNOPQRSTUVWXYZ [ ] _ ` abcdefghijklmnopqrstuvwxyz { | } ~
* It must contain at least 1 lowercase letter(s) (abcdefghijklmnopqrstuvwxyz).
* It must contain at least 1 capital letter(s) (ABCDEFGHIJKLMNOPQRSTUVWXYZ).
* It must contain at least 1 numeric character(s) (0123456789).
* It must not contain your user name.
* It must not contain your email address.
* It must not contain your first name.
* It must not contain your last name.

none of my passwords fit that

letter, symbol, letter, letter, letter, letter, number, number = rejected no caps, rejected symbol not onlist

letter, letter, letter, letter, letter, number, number, number = rejected no caps

:|

If their recruitment portal is this anal, I wonder how bad it is to work there. The office complex is within visual distance of the meadowlands complex. I seriously doubt that it would be worth the trouble :thumbsdown:

um thats pretty standard at most real workplaces...
everywhere ive ever worked used storng passwords.. and then every 3 months you need a brand new one... with nothing in common with the previous one...

at least here we only use smartbadges with a 4 digit PIN code.. love it.. but you are screwed if you forget it..

 

[Steve]

Ours is comparatively lax - minimum five characters, no stipulations on caps or lowercase or use of numbers. Passwords expire every 40 days and you cannot use the same password you used up to five (or is that nine?) passwords ago. Many users do something simple like robert01, then robert02, etc.

 

[TallBill]

Originally posted by: Armitage

Originally posted by: TallBill
Not even close.

Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)

That's similar to the rules at some places I've worked. In addition, they regularly run dictionary attacks against the password files using several languages including Klingon and various slang dictionaries.

Bwuahahaha, I'm betting that klingon has discovered a few hits.

 

[notfred]

Umm, everyone has pretty much that same policy.

 

[MikeyIs4Dcats]

what I want to know is WhoTF is using 32 character passwords???

 

[spidey07]

Originally posted by: notfred
Umm, everyone has pretty much that same policy.

yep. That's what a strong password is and pretty much standard practice IMHO.

 

[MiniDoom]

That policy isn?t sh!t, domain admins here have the same with no less than 16 characters. Mine has 18, try typing that a few dozen times a day.

 

[Demon-Xanth]

FuK7#155#17 fits.