On Sun, Apr 3, 2022, 3:00 PM Brian <a...@cityscape.co.uk> wrote: > On Sun 03 Apr 2022 at 19:45:47 +0000, Andrew M.A. Cater wrote: > > > On Sun, Apr 03, 2022 at 08:25:46PM +0100, Brian wrote: > > > On Sun 03 Apr 2022 at 20:10:14 +0100, Brad Rogers wrote: > > > > > > > On Sun, 3 Apr 2022 21:31:34 +0300 > > > > PanosGR <panagoulias...@gmail.com> wrote: > > > > > > > > Hello PanosGR, > > > > > > > > >I have tried everything and still doesn't get to work. > > > > > > > > Very often passwords are required to contain a mix of upper and lower > > > > case letters and one or more numerals. Some sites require 'special' > > > > characters (%#~$, etc) to be used, some limit their use. > > > > > > Indeed, all of this happens, usually without any explanation > whatsoever. > > > For whose benefit are such requirements constructured? > > > > > > -- > > > Brian. > > > > > > > Some of this is to make passwords harder to guess / harder to > brute-force. > > Some of this is to satisfy regulatory requirements - so credit card > > transactions have particular restrictions / two factor authentication > > or similar. > > My quety related to *whose benefit* these rules are imposed? Your > answer implies it is for the benefit of the website. I am not aware > of any regulatory requirements placed on the user in the UK for > devising passwords. >
I've worked on linux-based software which is covered by overseas medical device law as well as US HIPAA, PCI and medical IT-device standards. All have password-strength requirements which compliant businesses and software must meet. Including web-facing components. YMMV. > One of the bits of advice is to use long passwords made up of three > > random words and to use a different password per website / to use > > your web browser to generate an appropriate random password. > > Forcing passwords to change regularly may not be a good way to > > maintain security - it can mean that people use password01, password02 > > and things like that. > > Changing passwords at frequent intervals? Total nonsensense as far as > advice goes. > See above, it applies here too. -- > Brian. > >
