[ale] OT: password gripe

Scott Castaline skotchman at gmail.com
Thu Dec 31 10:27:47 EST 2009 

On 12/31/2009 09:56 AM, krwatson at cc.gatech.edu wrote:
>> -----Original Message-----
>> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
>> Geoffrey
>> Sent: Thursday, December 31, 2009 07:45
>> To: ALE
>> Subject: [ale] OT: password gripe
>>
>> <rant>
>> I do my best to create good passwords.  I'm continuing to find various
>> companies that I do business with, restricting the character set for
>> passwords and/or length.  This drives me nuts because all my passwords
>> contain a combination of alphanumeric and punctuation AND long.  I'm
>> continuing to find companies who do not permit punctuation in a
>> password.  I just don't get it?  Do they not understand that they are
>> reducing the security of a password by restricting the character set?
>>
>> I called support for one company and they told me it was an 'internet
>> standard.'  I told them they were full of crap.
>>
>> What am I missing here?  Can anyone give me a good reason for such a
>> policy????
>> </rant>
>>
>> --
>> Until later, Geoffrey
>>
>
> That really annoys me too, and why won't sights tell you what the password requirements are? I end up having to try several passwords to find out the length limit and character set.
>
> I have hundreds of user names and passwords because I use a different one for every account. I also use different random answers for the security questions on every site.
>
> Why write them down when you can use KeePass to remember them for you?
>
> http://keepass.info/
>
> Did I mention it's open source (GPL) and runs on just about anything.
>
> The Wikipedia article covers it better than I can and gives links for native versions for Linux, OS X, Blackberry, iPhone, Droid, and others.
>
> http://en.wikipedia.org/wiki/KeePass
>
> It doesn't solve the problem of sites that only allow wimpy passwords but it makes changing them regularly and keeping up with them bearable.
>
> keith
>
Thanks Keith for the info and links. For Fedora they have KeePassX. Do 
you know if it works on sites that block saving login info? For example, 
both my banks block that ability at least with FF.

More information about the Ale mailing list