What's your opinion on password policies /g/
> Must be 7 characters long
> Must contain 1 upper case letter
> Must contain 1 number or symbol
> Cannot reuse previous X passwords
We have a secret policy at our office, over 12 chars it does not expire.
Nobody has found it yet
>>56394004
Make it 20 and it's perfection
For pages I rarely visit, I generate a random password. Next time I visit, I request to reset password.
Anything under 12 characters is unacceptable. On average I use 20 or more. Special characters, capitals, symbols, etc are significantly less important than overall length.
>hurr I use a password with 69E42 characters
Nobody is going to guess your password. Weak passwords are hashed and salted, which makes reversing database leaks impractical. Login systems will cut you off if you guess incorrectly too many times.
The fact that you think writing down a really long password for others to see is a good idea shows how little you know about this stuff. Now quit being autists.
Law firm tech here. I hate it. Pete have to update every 30 days. They forget. Their RSA gets locked. A giant pain. I'm a be liver that if it isn't through the to be compromised, don't change it.
But of course, our clients decide our policies so fuck it. Half my day is spent in AD and RSA Administration console.
>>56395885
What are you talking about? I have literally no problem remembering long passwords. As a matter of fact, I find it easier to remember a full sentence than a random short string of shit. 'Hammer down the nails.' is significantly easier to remember than something like 'HHiff12488~' the only issue with spaces is the very distinguishable sound they make compared to a regular key tap.