I get to a lot of clients and so see a fair number of interesting password requirements. Like many of you, I wonder how “secure” things will be when setting up a password becomes an exercise in frustration. Here’s the worst, though, from Mashable.
I can smell a Mainframe RACF user repository behind
8-character limit and effectively Base64 or Base32 encoding? That alone is all the password hackers would need if they got the database? DES for example is about the same difficulty. We all know how popular DES is for encrypting connections and hard drives (LOL). Just going to mandatory 16-digit passwords would pretty much eliminate the need for most other password rules. Only an idiot would use their username or something…