Hacker News new | past | comments | ask | show | jobs | submit login

No sympathy for the organizations that implement these stupid password requirements in the first place.

a) Passwords that are secure.

b) Passwords that can be remembered.

c) Passwords that must be rotated regularly.

You can pick two of the above, and it can be done. But you're not getting all three.




You should have some sympathy. Outdated regulatory standards like PCI:DSS require things like this. It isn't always your employer's choice.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: