this post was submitted on 23 Sep 2023
1224 points (98.2% liked)

Comic Strips

12583 readers
3403 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] TheGreenGolem@lemm.ee 21 points 1 year ago (4 children)

My company forces me to change the password every 3 months AND I cannot use the last 10. I use a very strong password and this rule is ridiculous. So I just change it 11 times, iterating a number at the end until I can use my last one. Fuck you.

Also correcthorsebatterystaple.

[–] Texas_Hangover@lemm.ee 8 points 1 year ago (1 children)

The more convoluted the Password rules are, the more sticky notes with the monthly password are found.

[–] Bytemeister@lemmy.world 4 points 1 year ago

It also normalizes resetting passwords all the time for IT. Like, the help desk can get social engineered into resetting your password for someone else. Even if you use Self-Service Password management, you'll still have callers every day who can't figure out that system.

[–] Zoidsberg@lemmy.ca 7 points 1 year ago (1 children)

You get three whole months? We have to change ours monthly. Everyone has passwords written on our laptops.

[–] psud@lemmy.world 3 points 1 year ago

Microsoft recommends 3 months. Places that follow MS advice will be on 3 months. A few years ago the above was to change every month

[–] Faresh@lemmy.ml 3 points 1 year ago* (last edited 1 year ago) (1 children)

Couldn't a password manager generate and remember them for you?

[–] greenskye@lemm.ee 11 points 1 year ago (1 children)

Typically you need your main company password reasonably typeable because you'll be entering it constantly and often in places that don't support password autofill.

Which is also why forcing people to change passwords so often causes more issues than it solves. People just dumb it down until it meets the bare minimum requirements.

[–] psud@lemmy.world 2 points 1 year ago

Speaking of corporate passwords, a shitty system has the modern windows network support modern passwords, but some important system you need reads the windows network password, but enforces ancient windows password rules, including a length limit of 16 characters