Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ah good stuff. Password expiration is a pain, but it's worse for Windows login because I can't even open Keepass until I get in!

When forced to do this I will use something like "B@s3P@ssw0rd1" then "B@s3P@ssw0rd2", "B@s3P@ssw0rd3" etc.



That's still a weak password. Letter substitution doesn't increase the difficultly, as password crackers try all the variants as a matter of course.

Better to use a combo of several words such as... BatteryHorseStaple. :)


The point was changing the number at the end to work around the requirement to change the password. My real pw was better.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: