• TheGreenGolem@lemm.ee
    link
    fedilink
    arrow-up
    20
    ·
    1 year ago

    My company forces me to change the password every 3 months AND I cannot use the last 10. I use a very strong password and this rule is ridiculous. So I just change it 11 times, iterating a number at the end until I can use my last one. Fuck you.

    Also correcthorsebatterystaple.

    • Texas_Hangover@lemm.ee
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      The more convoluted the Password rules are, the more sticky notes with the monthly password are found.

      • Bytemeister@lemmy.world
        link
        fedilink
        Ελληνικά
        arrow-up
        4
        ·
        1 year ago

        It also normalizes resetting passwords all the time for IT. Like, the help desk can get social engineered into resetting your password for someone else. Even if you use Self-Service Password management, you’ll still have callers every day who can’t figure out that system.

    • Zoidsberg@lemmy.ca
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      You get three whole months? We have to change ours monthly. Everyone has passwords written on our laptops.

      • psud@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Microsoft recommends 3 months. Places that follow MS advice will be on 3 months. A few years ago the above was to change every month

    • Faresh
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Couldn’t a password manager generate and remember them for you?

      • greenskye@lemm.ee
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago

        Typically you need your main company password reasonably typeable because you’ll be entering it constantly and often in places that don’t support password autofill.

        Which is also why forcing people to change passwords so often causes more issues than it solves. People just dumb it down until it meets the bare minimum requirements.

        • psud@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Speaking of corporate passwords, a shitty system has the modern windows network support modern passwords, but some important system you need reads the windows network password, but enforces ancient windows password rules, including a length limit of 16 characters

    • GustavoM@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      13
      ·
      edit-2
      1 year ago

      I feel your pain. Then again, that is a good way to exercise your brain, getting you some new/fresh braincells.

      Your “future you” will definitely appreciate those “brain workouts”.