I had to login to an internal corporate web site a while back. Upon accessing the site, I found that I had to create a login account before I could get to the features that I needed. No problem, I foolishly thought. Thirty minutes later, I was still trying to craft a password that would be acceptable to the system.

Alas, the web site had apparently been set up with extremely stringent password requirements. Even better, the system didn't tell you about any of the requirements until you offended it by not meeting one of them (a most satisfactory user experience, by the way).

After a certain amount of experimentation (and cursing), I was able to figure out what the rules were, so here they are for your edification, amusement and horror:

The password had to have:

• A number.
• An uppercase character.
• A lowercase character.
• A special character (some sort of puncuation, like an exclamation mark).
• Must contain at least 8 - 12 characters.

Furthermore, the password had to have:

• No repeating characters.
• No incremented numbers.
• No decremented numbers.
• No alphabetic strings, i.e. - no recognizable words.

As an exercise, try to come up with a password that meets all of these requirements ... and that you can remember without writing down. Now, imagine that you had to come up with a workable password without knowing all of the rules in advance.

Comments

No comments yet. Be the first.