I think I heard something recently that online banking sites are going to have to go to that soon.
That's how our VPN access at work is - RSA card.
At my old company, one of the Directors had a password of... you guessed it... "password". And somehow, he'd lock his account out two or three times per week and need it unlocked. How do you miss-type "password" every other morning?
This isn't even close to the most suffocating. Try all of the above, plus it cannot contain any english words in it, plus you have to change it every 3 months.
Originally posted by: TallBill
Not even close.
Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)
The only problem my two "secure" passwords have with that policy is that they're too long
No problem with the OP's requirements, though...
That's why you break out the 1337 and start replacing a couple letters with numbers or symbols. That way you can use an easy-to-remember password, and still be secure.
shortylickens
No Lifer
- Jul 15, 2003
- 80,287
- 17,080
- 136
Am I the only person here who realizes these policies dont actually secure sh1t?
If they were really worried about security they would get thumb scanners or something.
But, like so many issues related to saftey and security, its cheaper and easier to keep pushing the BS, inneffective methods that dont do jack, just so people can FEEL safer.
Because FEELING safer is much more desirable to a fool than actually BEING safe.
If they were really worried about security they would get thumb scanners or something.
But, like so many issues related to saftey and security, its cheaper and easier to keep pushing the BS, inneffective methods that dont do jack, just so people can FEEL safer.
Because FEELING safer is much more desirable to a fool than actually BEING safe.
Oooh, one of ours is close (I have 26 different passwords in use at my company currently, so this is just one of them):Originally posted by: TallBill
Not even close.
Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)
At least 8 characters
At least 1 upper-case character
At least 1 lower-case character
At least 1 numeric character
At least 1 non-alphanumeric character
Hate to break it to you, but a solid password, that you DON'T write on a sticky note to remember, is much more secure than a thumb scanner. Biometrics tends to be easy to fool.
shortylickens
No Lifer
- Jul 15, 2003
- 80,287
- 17,080
- 136
You didnt hate breaking anything to me. You liked it.
In the words of George Constanza "Or something. I said Or Something."
I was actually thinking of a smart card along with the password.
In the words of George Constanza "Or something. I said Or Something."
I was actually thinking of a smart card along with the password.
At my company I have all of the above, password changes every month and you cant reuse any of your last 12 passwords
Originally posted by: jagec
Originally posted by: TallBill
Not even close.
Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)
The only problem my two "secure" passwords have with that policy is that they're too long
No problem with the OP's requirements, though...
That's why you break out the 1337 and start replacing a couple letters with numbers or symbols. That way you can use an easy-to-remember password, and still be secure.
I'm sure some of the more common 1337 is in the slang dictionaries.
Originally posted by: shortylickens
You didnt hate breaking anything to me. You liked it.
In the words of George Constanza "Or something. I said Or Something."
I was actually thinking of a smart card along with the password.
we use smart cards here.. i like them alot..
Jeebus Christ, WTF? LOLOriginally posted by: Armitage
Originally posted by: TallBill
Not even close.
Must contain between 8-12 characters.
Must contain at least 2 upper case letters.
Must contain at least 2 lower case letters.
Must contain 2 numeric characters.
Must contain two non alphanumeric characters (!,@,#,$, etc)
That's similar to the rules at some places I've worked. In addition, they regularly run dictionary attacks against the password files using several languages including Klingon and various slang dictionaries.
MLS uses that system as well, athough it is really designed to prevent cheap realtors from sharing accounts, not security.
Here's our policy:
15 character minimum (i'm not making this up)
must contain 1 or more upper, 1 or more lower, 1 or more symbol, 1 or more digits
changed every 45 days
remebers the past 10 or 12 (i don't remember which)
not allowed to end with a digit
not allowed to simply increment the digit in the password
shoot me
Dave
15 character minimum (i'm not making this up)
must contain 1 or more upper, 1 or more lower, 1 or more symbol, 1 or more digits
changed every 45 days
remebers the past 10 or 12 (i don't remember which)
not allowed to end with a digit
not allowed to simply increment the digit in the password
shoot me
Dave
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 24K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 19K
-
-
-
Facebook
Twitter