Your password can't be longer than 16 characters. Letters and numbers only

>Your password can't be longer than 16 characters. Letters and numbers only.

>forces me to change my password
>you new password cannot be the same

Can anyone explain the less than 16 meme my work requires me to have a password more than 8 but less than 16charactors must have q capital, must have a number, AND must have a symbol like &$@ or example, also we have to make new passwords every month and they can't be the same as any previous ones

FUCK man

>forces me to change my password
>your new password can't be one of your previous passwords

Why the fuck are they allowed to even keep track of all my past passwords? Even if hashed?

i was gonna write this actually but then i thought i made that one up. i saw the same thing then.

probably some chucklefuck in the IT department that thinks doing things that way is 'secure'
and that he can assign that and can't get yelled at because he runs that shit

So much this.
Have to use 3 Programs at Work, each with a different Password.
Have to change it every 6 months, but cant use my old ones.
Meaning they have a DataBank of everyone's previous Passwords, probably in the most unsecured format.

One23456789Ten

Having to change your password often is stupid. People are just going to use easy ones like 1234567Q! because by the time they've memorized their new password it's time to change again. It's better to have a secure password from the start, that way there's no need to ever change it. Well, unless future computers can crack them in seconds.

why are you worried about your hashed & salted pws being stored?

if the concern is that they're not hashed & salted then your company employs retards and maybe don't work there or file a complaint

>any kind of restrictions on passwords besides minimum length > 6 chars or so
>EVER
fucking retards running the IT world nowadays

You people are retards

It's because password security becomes a PROBLEM FROM THE USER HIMSELF.

Very likely if you require a 15char+ password, the user can't remember it. So he writes it down, where does he keep it? under his keyboard or a sticky note on his monitor. That's way more insecure than a short password.

Bruteforcing is a thing of the past anyway, it's not really a concern. Much better for a user to be able to remember his password in his head

Plenty of reasons why you wouldn't want random companies doing that, what if you're accused of something, and your known passwords are used again you?

you cannot realistically recover the plaintext of a hashed & salted text if the hash algorithm used was suited to the usage case.

that's why you hash and salt.

...Are you pretending to be retarded? You don't need to recover the plaintext, they would compare the hash and salted text of other known plaintext passwords to the hashed and salted passwords in pajeets big databse.

But you're a retard because nothing you said makes sense

>taking off a password limit will force people to make passwords so long they won't remember them

>they would compare the hash and salted text of other known plaintext passwords

What? In your scenario they already know your passwords, they then hash&salt them to compare against some credentials DB and pin you to a user in the DB?

How on earth do they already know your passwords? That should never happen.

Moreover there is no world in which a court will believe that because two users used the same password, they are the same user. At most it will be enough for a search warrant, which is still extremely unlikely without additional evidence.

If the concern is about punishment from a non-state agency, I suppose this is conceivable but you should be able to realistically argue your case.

nobody is trying to log into your fucking facebook you retarded normies

post lol so random non-sequiturs in

>you're accused of running huge http keyloger
>they take the web panel login password and hash it and compare it to your past aplel and microshit passwords
>they match
>but somebody did this on purpose to frame you

Then don't commit crimes faggot. Your employer doesn't have to get rid of old information for the explicit purpose of protecting your ass.

>if you're accused of a crime that means you're guilty

If your password is somehow used against you, then it's probably evidence that you're guilty.

In order of annoyance:

>your password is not long enough
>your have to use a special symbol
>your password has to differ from your last
>your new passwort has to differ by more than one letter
>your last password cant be part of your new password

it's annoying and it only makes a bit sense

>probably
Rest my face, I'm right. No reason they should keep track of your old passwords for no reason when there is a chance it can be used against an innocent.

>your new passwort has to differ by more than one letter
>your last password cant be part of your new password
What the fuck. So they have your password stored in plaintext?

in the prompt you have to put in your oldpassword first. so that's where they have it

If I remember well, accounts on Windows servers can keep you from using any password you've had in the past.

thats my fucking point, user, im on your fucking side

the best passwords are the ones the user freely creates and uses

Windows Enterprise can store up to your last 100 passwords, and there is a setting in the Group Policy to make it so you can't use your last n passwords.

>password resets every 6 months
>can't reuse any of your previous passwords

I hate my school so much.

stfu

>not using a password manager
>changing password is as easy as hitting generate

dumb fucks

It's fucking stupid, but you can make a very secure 16-character password if you use a password manager/generator.

I've had accounts that maxed out the password length at 6 or 8 characters, and you could only use letters and numbers; no symbols.

It's literally impossible to make a good password with those restrictions.

normally just change my pw generator to fit accordingly, but i would shoot them an email about it if i cared enough.

sucks some important accounts i have use stupid limits like this

>"You can't use social media to threaten people here, give out business secrets, or say anything negative about the company or the store or your boss."
Is someone going to be watching my social media?
>blank, slightly annoyed stare, maybe surprised
>"No, and we won't pry into your life, but you can't do those things, and someone from loss prevention will check these things from time to time."
>want to say "oh, so someone will be watching my social media then"
>don't have nearly enough balls or reckless abandon to do it because it took me a fucking year to even get a job bagging groceries and fetching carts

oh also
>"You have to make a login for four programs."
>"You should make them all the same so you can remember them."

>Accepts your password as valid.
>Rejects it when you try to log in.

>And it was in that moment I realized that the anons of Sup Forums's tech board would fail to pass any entry level IT certification or test on PCI compliance.

You guys seem to let me down more and more as the days go by.