badstar

You're viewing

badstar's journal
Create a Dreamwidth Account Learn More

Reload page in style: site light

badstar

Is anyone else tired of seeing the "your password is too easy to guess" messages when making posts here?

Flat | Top-Level Comments Only

From:

tecie.livejournal.com

Let me tell you about my job (the one I'm leaving). I support 300 commercial accounts with hundreds or more servers each. I also support internal stuff, so it's another 2000 or so servers supported directly. I have 4 spreadsheets of passwords that belong exclusively to me, and theyre all changing on different schedules (forced system changes) and all have different criteria. For example, some demand a special non alpha numeric charactar, some have to be EXACTLY 8 charachtars, and some HAVE to be all that AND have a number at a specific location inthe sequence (don't get me started on that one). That's not even mentioning the SHARED id's that the whole department uses, which are another couple of spreadsheets in and of themelves.

My advice to you is to get a couple of good strong passwords and rotate them. Easy passwords are suprisingly hard to guess. Like new2you or Sp1ng05 (note the uppercase).
Yeah, changing passwords sucks, but its not the PEOPLE that we in IT security are worried about. It's thecomputers trying common passwords. By the way, passw0rd is the most common of all.

From:

fuego.livejournal.com

ok...stuff that has to be more secure, and has to contain letters and numbers and whatnot is a different story, if i have to play by the password rules, i will if i need to. but livejournal and stuff like that...there's nothing to steal.