this post was submitted on 28 Sep 2024
686 points (96.1% liked)
Programmer Humor
19315 readers
1 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is exactly my face when IT is telling me the rules for my passwords.
Sorry, those rules come from our cybersecurity insurance, or some compliance rules.
We hate them as much as you do.
Then why are they different between systems? Do you have different insurers per application?
What applications do you have that IT controls the password requirements for?
IT controls your AD credential requirements in most cases and that's pretty much it. It sounds like your employer needs to implement an SSO solution.
It is the AD credentials. It's a fortune 500 company and it doesn't even come close to NIST recommendations.
We have like 3 different ADs as a result of mergers and acquisitions, and the requirements are all different.
What are the requirements?
One of them is EXACTLY 8 ASCII characters, may not contain any English dictionary word, no repeating character. At least 1 number, and at least 1 special characters. Just obliterates the search space.