Too many passwords and logins

[Gutwrench]

Wait, we must change our pw every 30 days.

All these enhanced security rules is forcing us to write them down and stick them to our monitors.

In order to increase the security of all company computing facilities,
and to avoid the possibility of unauthorized use of these facilities,
new rules are being put into effect concerning the selection of
passwords. All users of computing facilities are instructed to change
their passwords to conform to these rules immediately.

RULES FOR THE SELECTION OF PASSWORDS:

1. A password must be at least six characters long, and must not
contain two occurrences of a character in a row, or a sequence of two or
more characters from the alphabet in forward or reverse order. Example:
HGQQXP is an invalid password. GFEDCB is an invalid password.

2. A password may not contain two or more letters in the same position
as any previous password. Example: If a previous password was GKPWTZ,
then NRPWHS would be invalid because PW occurs in the same position in
both passwords.

3. A password may not contain the name of a month or an abbreviation
for a month. Example: MARCHBC is an invalid password. VWMARBC is an
invalid password.

4. A password may not contain the numeric representation of a month.
Therefore, a password containing any number except zero is invalid.
Example: WKBH3LG is invalid because it contains the numeric
representation for the month of March.

5. A password may not contain any words from any language. Thus, a
password may not contain the letters A, or I, or sequences such as AT,
ME, or TO because these are all words.

6. A password may not contain sequences of two or more characters which
are adjacent to each other on a keyboard in a horizontal, vertical, or
diagonal direction. Example: QWERTY is an invalid password. GHNLWT is
an invalid password because G and H are horizontally adjacent to each
other. HUKWVM is an invalid password because H and U are diagonally
adjacent to each other.

7. A password may not contain the name of a person, place, or thing.
Example: JOHNBOY is an invalid password.

Because of the complexity of the password selection rules, there is
actually only one password which passes all the tests. To make the
selection of this password simpler for the user, it will be distributed
to all supervisors. All users are instructed to obtain this password
from his or her supervisor and begin using it immediately.

 

[Nermal]

a password containing any number except zero is invalid

a password may not contain the letters A, or I, or sequences such as AT, ME, or TO because these are all words

What the *bleep*?! Is this real or did you get it from The Onion? [Edit: Having read it more fully, I'm now firmly believing the latter ]

 

[BigMcGuire]

Can't count how many companies think it is ok for workers to have their PW on a post-it on their monitors. It's what everyone does.

Can't recommend 1Password enough.

 

[Volusia]

Another who recommends a password manager program. We use 1Password via a family program with each. member paying their share; works out to about $10 each per year.
As the name indicates, you only have to remember one good password which gets you into the program. From there you click the link to the site you want and it does the rest for you in most cases. It will even create a good password for your sites and tell you if something you subscribe to was hacked.
Very much worth the investment.

 

[Apple_Robert]

Wait, we must change our pw every 30 days.

All these enhanced security rules is forcing us to write them down and stick them to our monitors.

That train is going to wreck. It is just a matter of when.

 

[Tech198]

I just use the same password for everything: PASSWORD

Alternatively, store them securely by writing them down on the bottom of your keyboard wrist rest.

If u have a simple password, there is no such thing as making it secure. Most of the deserve as to why most have not been compromised yet, you've just been lucky all this time.

That train is going to wreck. It is just a matter of when.

Some can get by without ever getting a 'wrecked' train....

 

[Gutwrench]

If u have a simple password, there is no such thing as making it secure. Most of the deserve as to why most have not been compromised yet, you've just been lucky all this time.

One sensitive system that stores customer SSN, DOB, credit bureau history, credit card, and ACH data requires complex passwords. So I use the password “PASSWORD1” and increment the number every three years when we’re forced to change it. And to eliminate the possibility of lockouts from forgetfulness, I just load it into a macro... ctrl-shift-p

 

[Apple_Robert]

If u have a simple password, there is no such thing as making it secure. Most of the deserve as to why most have not been compromised yet, you've just been lucky all this time.



Some can get by without ever getting a 'wrecked' train....

That is true. The select few should not keep tempting fate, in my opinion. If a person doesn't want to use programs like 1Password, there are other methods albeit it some are less secure and less convenient.

 

[Solomani]

And when you forget your original password, they send (email, text) you a temporary pass-code so that you can create a NEW password. Insanity!