My company forces me to change the password every 3 months AND I cannot use the last 10. I use a very strong password and this rule is ridiculous. So I just change it 11 times, iterating a number at the end until I can use my last one. Fuck you.
It also normalizes resetting passwords all the time for IT. Like, the help desk can get social engineered into resetting your password for someone else. Even if you use Self-Service Password management, you’ll still have callers every day who can’t figure out that system.
Typically you need your main company password reasonably typeable because you’ll be entering it constantly and often in places that don’t support password autofill.
Which is also why forcing people to change passwords so often causes more issues than it solves. People just dumb it down until it meets the bare minimum requirements.
Speaking of corporate passwords, a shitty system has the modern windows network support modern passwords, but some important system you need reads the windows network password, but enforces ancient windows password rules, including a length limit of 16 characters
My company forces me to change the password every 3 months AND I cannot use the last 10. I use a very strong password and this rule is ridiculous. So I just change it 11 times, iterating a number at the end until I can use my last one. Fuck you.
Also correcthorsebatterystaple.
You get three whole months? We have to change ours monthly. Everyone has passwords written on our laptops.
Microsoft recommends 3 months. Places that follow MS advice will be on 3 months. A few years ago the above was to change every month
The more convoluted the Password rules are, the more sticky notes with the monthly password are found.
It also normalizes resetting passwords all the time for IT. Like, the help desk can get social engineered into resetting your password for someone else. Even if you use Self-Service Password management, you’ll still have callers every day who can’t figure out that system.
Couldn’t a password manager generate and remember them for you?
Typically you need your main company password reasonably typeable because you’ll be entering it constantly and often in places that don’t support password autofill.
Which is also why forcing people to change passwords so often causes more issues than it solves. People just dumb it down until it meets the bare minimum requirements.
Speaking of corporate passwords, a shitty system has the modern windows network support modern passwords, but some important system you need reads the windows network password, but enforces ancient windows password rules, including a length limit of 16 characters
I feel your pain. Then again, that is a good way to exercise your brain, getting you some new/fresh braincells.
Your “future you” will definitely appreciate those “brain workouts”.