I work for a governmental agency which collects and tabulates data about citizens and businesses all over the country. These data are confidential so we have very secure computer systems. To get my PC booted up in the mornings I am prompted to key in five passwords at different points, the whole process takes about ten minutes.
A couple weeks ago a new requirement came down the line: we are now required to have a twelve character password for our main system. And it cannot be based on any word in any dictionary ever printed in any language, backwards or forwards. It has to have alpha characters, numeric characters and special characters. This was supposed to take effect next time your password was up for changing. So I tricked the system to let me use my ten-digit password for another month by changing it the day before the new requirement was to kick in. Pretty sneaky, huh? Except yesterday I got a message on login saying all my grace logins had expired and I had to change my password right then and there. What? So much for tricking the system.
Next month it'll be 30 characters, I'm sure.
15 hours ago