Why such a security paranoïa?


Why do you ask to create a password of 10 characters?
No bank is asking to do so. Such passwords are difficiult to remember, they are going to be written somwhere in plain text and the browser is going to remember them anyways?
Is penetrating to your forum represents threat to the national security or to your business accounts or something of the sort? Or just your system admins a covering their asses, just in case?


Most modern password policies are moving towards a more complex password strategy. Do not share passwords between services (I guess it could be annoying if your favourite 8-character password you use everywhere can’t be used on a specific site - but that would go against all sensible advice in any case). It’s simple to deal with, use a free password manager. (keepass, passwordsafe, 1password, etc)

Like you say, the browser is going to remember them anyway and most websites have a ‘forgotten password’ feature.

p.s. Most banks I know use two and often three other forms of authentication (including biometric security), so that comparison isn’t at all reasonable.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.