Why passwords are done wrong

Kees Nederkoorn

Password must be at least 12 characters long, must include lower and upper case letters, must include numbers, must include special characters, must have at least 3 numbers, must have at least 2 special characters, may not include words in the dictionary. Your password is rejected because it does not comply with our policy. A policy that isn’t published anywhere, but you must create a password that complies with it anyway. Your password has expired; make a new one that does not resemble any of the passwords that you have created in the past. And it’s all useless. We’re all doing it wrong.

