Tuesday, October 15, 2013

The Strictest Password Policy (that I've ever seen)

Check out this list of rules for a password:
· Password must not contain the following characters: @&$"
· Password must contain at least 1 special characters.
· Password must contain at least 2 unique characters.
· Password must contain at least 1 lowercase letters.
· Password must contain at least 1 numeric characters.
· Password must be at least 8 characters long.
· Password must contain at least 2 alphabetic characters.
· Password must contain at least 1 alphanumeric characters.
· Password change reminder will be sent 80 days after the last password change.
· Password will expire 90 days after the last password change.
· Password must contain at least 1 uppercase letters.
· Password must not be one of 10 previous passwords.
No joke, this was the list of rules for a server at a previous employer. Apparently, alphanumeric and numeric characters are totally different. Not only do you have to have at least 1 uppercase letter and one lowercase letter, you need two alphabetic characters. Whoa.

Granted, it's probably not the strictest policy in the world - I mean, that's some serious overlap - but man it was crazy to see in production.


0 comments:

Post a Comment