Friday, August 16, 2013

Why everyone hates security

Even I hate security sometimes.  Times like this, in fact.



Password must be a palindrome. Epic security troll is epic.

6 comments:

Anonymous said...

I really wish my company IT folks hadn't seen this video.
Especially wish they hadn't thought it was a tutorial.

juvat said...

Retired mil pay password requirements:


myPay passwords expire every 60 days.

Your password must:

- be 15 to 30 characters long
- contain at least two uppercase letters (A-Z)
- contain at least two lowercase letters (a-z)
- contain at least two numbers (0-9)
- contain at least two of the following special characters: # @ $ % ^ ! * + = _
- change at least four characters from your previous password

Your password cannot:

- contain spaces
- be one of your last ten previous passwords

Why don't they just have a button that says we'll mail you a new password, because if you remember your old one you're a hacker.

Opinionated Grump (Rich in NC) said...

dammmit Im mad
[dammitimmad]

Howzat for a password?

that's my story and I'm sticking to it.
Rich in NC

Roy said...

I know it was satire, but IT people do shit like that. What it means is that people will festoon the inside of their desk drawer with little sticky notes with all of their latest passwords written down. Which, of course, negates the whole purpose.

At my company, we have this training website where we are periodically required to go and take these stupid - but required - courses on such mundane topics as lockout/tagout etc. It requires a password to log in. The password must be changed every 30 days and must...

- be at least 8 characters long
- contain at least two uppercase letters.
- contain at least two lowercase letters.
- contain at least one numeral.

- contain at least one of those special characters.
- be different from your last four passwords.

I just use the same password over and over with a 3 digit number at the end that I increment at every required change.

Divemedic said...

At my last job, I made my password the month/year and the word P4ssw0rd, like so:
Jun2010P4assw0rd

It was the only way to remember it. Now I just use an automated password wallet for my personal passwords, but at work I have to put up with this.
The funny thing is that the worst password schemes are found at the most mundane places. For example, the password requirements to sign up for online sandwich ordering from Jimmy John's. I really don't care if a hacker finds out what my favorite sandwich is.

Ratus said...

Correct battery horse staple