[x]Blackmoor Vituperative

Monday, 2009-11-30

Passwords need to go away

Filed under: Security — bblackmoor @ 19:54

I was just creating an account on a new web site. It has freaking ridiculous password rules.

Your password must have 2 upper case letters, 2 lower case letters, 2 numbers, 2 special characters, and be a minimum of 9 characters and a maximum of 12 characters in length.

Why don’t they just generate a random string that they’ll accept and save me the bother? It’s not like I will be able to remember this monstrosity.

When I was at… Philip Morris, I think it was… there were two systems that had complex password requirements, and they were mutually exclusive. Like, one required two numbers, and the other forbade more than one number. Something like that. So ridiculous. The whole “password” thing needs to die.

I wish more places would clue into OpenID. After exams, I think I will set up an OpenID server on mortshire.org.

2 Responses to “Passwords need to go away”

  1. Blackmoor Vituperative » Comically bad password policy says:

    [...] have believed for a long while now that passwords need to go away. I have to wonder if this comically bad password policy is someone working within the system to get [...]

  2. Blackmoor Vituperative » Passwords are useless says:

    [...] have believed for a long while now that passwords need to go away. Further support for that position is provided by a PC Pro article called How a cheap graphics card [...]

Leave a Reply

You must be logged in to post a comment.