tag:blogger.com,1999:blog-2426270730856523434.post3610613197972974388..comments2010-03-08T22:38:22.334-08:00Roy Lebannoreply@blogger.comBlogger5125tag:blogger.com,1999:blog-2426270730856523434.post-50009609514372775752010-03-08T22:38:22.328-08:002010-03-08T22:38:22.328-08:00I have a complex password for all my accounts. It has 16 characters, combined with numbers and symbols. It works quite well until I sign up a online account with American Water and Athena Service(trash collecting). Beacause their stupid password rule not allow symbols. Conbining the symbols is the best way to create a strong password, if the key point is protecting your account, why not allow symbols? <br /><br />Sorry for whining here. The artical make me feel better now :)Jeff Sunghttp://www.blogger.com/profile/11529173418087067439noreply@blogger.comtag:blogger.com,1999:blog-2426270730856523434.post-31140734688913413522010-03-08T22:27:59.329-08:002010-03-08T22:27:59.329-08:00I think these websites simply use modified web module. It&#39;s just a pain in the axx. I don&#39;t know why they make the username and the password so complex since you can&#39;t do anything other than pay the bill. I guess they are trying to prevent someone pays the bill for you? The most stupid website I have ever seen is American Water company, they&#39;re not just ask for complex password, they even ask for complex username, such as 9-12 characters, at least 1 uppercase, 1 number, no symbols allowed. What&#39;s the point? I understand some website might have your personal information, but a water company? I can&#39;t even see my full account number when log in.. It just doesn&#39;t make sense. I kept forgot my username, and they ask for account number to reset. Since I check the paper less option, which leave me no way to find my stupid account number.. very stupid..Jeff Sunghttp://www.blogger.com/profile/11529173418087067439noreply@blogger.comtag:blogger.com,1999:blog-2426270730856523434.post-79116610516160851332008-07-03T05:25:00.000-07:002008-07-03T05:25:00.000-07:00I won't disclose my password policy but I answer the stupid questions (I find most of them either irrelevant or insulting) with an expletive phrase I can remember. Helps me vent at the same time.BBhttp://www.blogger.com/profile/02574777003294802795noreply@blogger.comtag:blogger.com,1999:blog-2426270730856523434.post-83853954291091244832008-07-02T23:57:00.000-07:002008-07-02T23:57:00.000-07:00@Scott: Thanks for the response.<BR/><BR/>I do recommend Scott's post about OpenID (and I'm going to post a reply over on his blog as well). Sadly, OpenID is pretty far from being a standard at this point. And, even more sad, I'll bet money that even as it gains in acceptance, web sites will just add a layer on top of OpenID that makes it clunky. That was one of the problems with Passport's adoption (one of many problems, and I know them well -- I worked very closely with the Passport team while at Microsoft and am a co-inventor of a Passport-related patent as well as another one that's pending).<BR/><BR/><A HREF="http://www.vidoop.com" REL="nofollow">Vidoop</A> seems like a reasonable solution, but I haven't compared it with the competition.Roy Lebanhttp://www.blogger.com/profile/08749140682886637193noreply@blogger.comtag:blogger.com,1999:blog-2426270730856523434.post-52080763358003175402008-07-02T23:34:00.000-07:002008-07-02T23:34:00.000-07:00I just posted a lengthy reply to Roy's password rant <A HREF="http://scott.blomqui.st/2008/07/simple-solutions-to-stupid-password-policies/" REL="nofollow">over on my blog</A>.<BR/><BR/>Also, would totally have used <A HREF="http://www.flickr.com/photos/rabbitcreative/463450187/" REL="nofollow">this picture</A> in my blog post if the author didn't reserve all rights.sblomhttp://scott.blomqui.st/noreply@blogger.com