Jump to content
Covecube Inc.
  • 0

WTF: Passphrase requirements


Question

Hi !

 

I know security is important but your passphrase requirements are kinda contraproductive.

 

post-2417-0-08183500-1471116720_thumb.jpg

 

It is fine if you recommend a password phrase which meets your requirements but you should allow people to use less secure passwords. For instance, I usually choose whole sentences. Those are secure enough according to security experts and even recommended over complex passwords because they can be easily remembered but still be complex enough to not be hackable easily. You passphrase requirements are contraproductive to my security model. I may be able to change a few letters to numbers but adding a special character and a capitol letter are just over the top. Please make this optional, I am not securing my bank account here.

 

Thanks

Alex

Link to post
Share on other sites

5 answers to this question

Recommended Posts

  • 0

Totally agreed on this. Warning me that you don't like my password is one thing, but enforcing it as a requirement and placing restrictions on what I can and cannot choose is going too far. Keep your opinions out of my environment please. You're not my administrator here, and thinking it's your place to enforce policies on my system is not cool at all.

Link to post
Share on other sites
  • 0

If you just remeber one three character set of a capital, a number and a special character and end all your long normal sentences with these you're all set.

 

Having said that, I do not disagree with OP.

 

 

Totally agreed on this. Warning me that you don't like my password is one thing, but enforcing it as a requirement and placing restrictions on what I can and cannot choose is going too far. Keep your opinions out of my environment please. You're not my administrator here, and thinking it's your place to enforce policies on my system is not cool at all.

 

 

 

 

I have mixed feelings about this personally.  I don't like overly restrictive passwords/phrases,  But underly restrictive are just as bad. 

 

 

Regardless, I've flagged a request for more leniency here, so that it doesn't have to be as restrive. 

https://stablebit.com/Admin/IssueAnalysis/27144

 

That said, the password key (or pass key) is a 64 hex character string, prefaced with "H". 

 

Meaning that you can get creative here and create some fairly memorable phrases as the passkey. 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...