Re: Idiot password checkers
XKCD again as mentioned earlier.
But the problem is that many systems won't let you use passphrases. Either they won't accept passwords that long or they insist on 'at least one upper, lower, digit, rune' etc as in Dabbsie's original article.
Every place I go I email the IT admins the link to the XKCD cartoon but unfortunately your average Microsoft-only IT bod doesn't understand what 'entropy' means - or anything else about real, effective security.
Also, Windows only supports the 'enforce password compexity' (runes!) option so that's what the IT twonks enforce.
Biting the hand that feeds IT
