Reply to post: pUctuAt10n

It's 2016 and idiots still use '123456' as their password

Lysenko

pUctuAt10n

I found our support overhead from forgotten passwords went way down after we set the rules as:

1) Case Insensitive

2) No Numbers

3) Punctuation Ignored

4) LONG

Therefore:

isthisadaggeriseebeforeme

Is this a dagger I see before me?

...both work.

All the user needs to remember is the Shakespeare connection. The extra length compensates for the loss of complexity vs. a standard 8 char password with enforced l33+ speak. Most "weak password" checks I encounter will bounce "password" but allow "Password1". Pointless.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019