0
   

password expirations

 
 
yitwail
 
Reply Mon 10 Apr, 2006 10:54 am
i just tried to access a work-related site, and learned that my password had expired. now, here are the directions for creating a new password:

Quote:
Your password must be between 8 and 14 characters long and must contain at least one upper case letter, one lower case letter, one number and one standard special character (like %, @ or #).

Passwords cannot contain: more than 3 repeating characters, more than 3 incremented or decremented numeric strings or more than 3 incremented or decremented alphabetic strings.


it was hard enough creating one password i could remember without writing it down that satisfied all those conditions. Mad
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 0 • Views: 2,537 • Replies: 16
No top replies

 
Linkat
 
  1  
Reply Mon 10 Apr, 2006 10:57 am
I write the damn passwords down - that is the only one I can remember the 10,000 required for all the systems here at work.
0 Replies
 
yitwail
 
  1  
Reply Mon 10 Apr, 2006 10:58 am
but haven't they told you that you must never write a password down for security reasons? Rolling Eyes confidentially, what i do is write down a description of it, what it means, what format it is, say Aaa#aa, where A is uppercase, a is lower case, # is a digit, etc.
0 Replies
 
yitwail
 
  1  
Reply Mon 10 Apr, 2006 11:05 am
and then when i finally dream up a new password,

Quote:
Too much time has passed since your last request. For your protection, please logon again.

Mad
0 Replies
 
Linkat
 
  1  
Reply Mon 10 Apr, 2006 11:46 am
I know - it is posted every where - do not write down your password.

F* that. If I didn't write it down, then I would be calling the help desk several times a day to reset my password. Everyone writes it down. Mine are neatly organized in an easy accessible place.

I even had one bonehead in our IT area that asked me to leave my password written down on my desk so he could logon to while I was away from my desk.
0 Replies
 
Walter Hinteler
 
  1  
Reply Mon 10 Apr, 2006 11:54 am
Linkat wrote:

I even had one bonehead in our IT area that asked me to leave my password written down on my desk so he could logon to while I was away from my desk.


And I looked through all the drawers etc . Waste of expensive time. Sh!t


:wink:
0 Replies
 
FreeDuck
 
  1  
Reply Mon 10 Apr, 2006 11:54 am
Yeah, that's what I was going to say. Forcing people to come up with a new password every three months, one that's not the same as any of the last 5 previous ones, with all the password rules you can shake a stick at, just ensures that they will have to write it down. I think I'd be ok with it if they let us cycle them back and forth every six months or so.
0 Replies
 
sozobe
 
  1  
Reply Mon 10 Apr, 2006 11:58 am
What I've done is have a base password that I then adjust according to requirements. Then I write that down, but it's still not the whole thing. Like, "base + %1b"
0 Replies
 
yitwail
 
  1  
Reply Mon 10 Apr, 2006 12:10 pm
sozobe, that's a good plan, but might be hard to maintain if the password has to be 7 or 8 characters. i never could understand how limiting the maximum number of characters improves security. Razz
0 Replies
 
roger
 
  1  
Reply Mon 10 Apr, 2006 12:12 pm
Yep. I have one that expires like every 6 months. Can't reuse an old one till it's got 5 more expired passwords after it. Of course I write it down.
0 Replies
 
sozobe
 
  1  
Reply Mon 10 Apr, 2006 12:15 pm
The point is that the base has four-six characters, itself. (It's not literally "base", it's some combination [nonsensical is better] that you can remember, and then adapt to use for whatever requirements there are.)

So if your base is, say, mildew (too literal, just an example), then to make it fit the requirements in the first post you'd make that password "mildewB%1" and write it as "base + B%1."
0 Replies
 
Linkat
 
  1  
Reply Mon 10 Apr, 2006 03:19 pm
Great idea sozobe - some of my passwords though cannot have the same so many letters so a base unfortunately can't work.

I typically use the same password - just toss the letters/numbers around a bit. But then when I forget is it ABC123, 123ABC or A1B2C3 and by the time I try all the combos - I have used up all my chances and I need to have my password reset.

Writing it down isn't safest, but it is easiest.
0 Replies
 
sozobe
 
  1  
Reply Mon 10 Apr, 2006 03:35 pm
Again, "mildew" was just an example -- the base can be a combo (letters & numbers), as long as you remember it.

Anyway, just trying to get what I'm saying across. It's worked well for me.
0 Replies
 
FreeDuck
 
  1  
Reply Mon 10 Apr, 2006 04:42 pm
I know a lot of people who have done that same sort of thing and it seems to work. For some reason, not for me, though. I think it has something to do with the fact that I'm a slob and I have papers and notes everywhere. I often can find everything except what I'm looking for.

I have about 3 or 4 "words" that I rotate with different capitalization and punctuation. It's partially effective -- I still sometimes can't remember it, but usually if it's something I use a lot it's in my fingers by the 4th or 5th time.
0 Replies
 
hingehead
 
  1  
Reply Mon 10 Apr, 2006 05:49 pm
I've got about six words I use for everything. My trick is to substitute zeros for 0hs, threes for E's and ones for I's.

I think sys guys should make your password contain rude and offensive language - that way you'd be much less likely to tell anyone what your password was.

And my last tip: patterns on the keyboard - zse45thn
0 Replies
 
parados
 
  1  
Reply Mon 10 Apr, 2006 06:30 pm
Pass phrases are the way to go..

[email protected]:30
Eat2Live?

#4Is>#2

MyBDay4/30
MomBDay6/30

Phrases become easy to change because you don't have to change the entire password. Just change a few letters or a word.

Another trick is keep all your passwords in a password protected file then you only have to remember that file password. (on your PDA perhaps)
0 Replies
 
FreeDuck
 
  1  
Reply Tue 11 Apr, 2006 06:48 am
Yeah, that's what I use. Some of my retired ones:

Igot2P!
Ir8h0nky


These can be updated/modified to:

iG0t2p
1g0tToP

1r8Honky
1r8H0nkY
ir8Honky

Some people I know use the date that they changed their password. I guess that works too.
0 Replies
 
 

Related Topics

Clone of Micosoft Office - Question by Advocate
Do You Turn Off Your Computer at Night? - Discussion by Phoenix32890
The "Death" of the Computer Mouse - Discussion by Phoenix32890
Windows 10... - Discussion by Region Philbis
Surface Pro 3: What do you think? - Question by neologist
Windows 8 tips thread - Discussion by Wilso
GOOGLE CHROME - Question by Setanta
.Net and Firefox... - Discussion by gungasnake
Hacking a computer and remote access - Discussion by trying2learn
 
  1. Forums
  2. » password expirations
Copyright © 2022 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 10/03/2022 at 12:03:41