I had one I needed to change every 90 days. Regularly sat there for 30+ minutes going through different passwords like: "Nope, that was January's; . . . shit, last September . . . Is this my current or April's? . . ."
-
This Tweet is unavailable.
-
-
This Tweet is unavailable.
-
Replying to @_basicbecky
They're the worst and also self defeating as people start writing them down (as they did in this case but we also needed a yubikey). Most places these days don't actually implement password requirements that enhance security, but rather reduce it.
0 replies 0 retweets 0 likes -
This Tweet is unavailable.
-
Replying to @_basicbecky
Current guidance is to use long phrases that are easy to remember. Complicated aren't necessarily better. Common letter-number swaps and mixed cases are fairly useless as they only add one additional variable to brute force. Rigid reqs make bad passwords. https://www.npr.org/sections/alltechconsidered/2017/08/14/543434808/forget-tough-passwords-new-guidelines-make-it-simple …
0 replies 0 retweets 0 likes -
This Tweet is unavailable.
-
Replying to @_basicbecky
I don't typically either b/c of other stupid reqs, but if you can, then you should. Basically, every additional character used in a password is 95+ things a computer would have to guess where substitutions add maybe 30 and the common ones are checked first.
1 reply 0 retweets 0 likes -
Replying to @DonQuickOatz @_basicbecky
For example using this: https://password.kaspersky.com/ My password meeting my university's reqs would be broken in 10 minutes, but "stupidfuckingmonkeybrains" would take 400 years to brute force.
0 replies 0 retweets 0 likes -
This Tweet is unavailable.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.