I'm annoyed by websites having different kind of requirements for passwords, like lenght or whether it can start with number etc.
Well, I asways try a minimum length of 8
anyway (and if I'm asked to do more than that, can comply easily enough). It's
maximum lengths of 8 that cause me concerns. I've seen it, though can't remember where.
One site I
can remember (an old, and now defunct, "teaching you about computers" site[1]) was interesting, in that it liked punctuation in general. But when one old gentlemen[2], without
prompting, used a password with an @ in it, it went funny. Not refusing to take the password, but even with an identical confirmation box it didn't accept it.
It
wasn't used in the context of an email address, although I'm wondering if someone had put something in to prevent email addresses being used as passwords. There was no instructions or warning about this, though, and my best interpretation as to why the confirmation of password never worked was that
one of the two password entering boxes was subjected to an @-stripping process, but not the other. (Or string-literal @ to string-literals \@, which I've seen done, for no good reason on various things...)
Anyway, for that guy's case, I just pursuaded him to use "at" instead of "@", and it worked.
Given that (not to give anything away) some of the choices (which I never noted down, but always made sure that
they noted down) were often something like "June1944" (although one guy had tried to use his army number, but then had to add a letter at the end because it didn't like all-digits either... the reverse of most people who only used alphabetic characters unless forced otherwise), I wasn't too concerned. Given what they were making a password for, it was more of everyone's concern that they
remember their password (or be able to read it from their notes[3]) than there be absolutely no way for anyone else to log onto their account and... what..? learn how to use a keyboard
instead of them?
But when it comes to online banking, and other similarly vital/vulnerable things, I'm hoping that those that have the passwords written down don't just have:
River's Bank: 12345678
Amazon: 87654321
eBay: 4uc710n
PersonalPornSite: p455w0rd
Swiss Bank: thankyougreatgrandadheinrich
..but instead something more like
River's Bank: paddi87654321ing
Amazon: extr12345678a#s
eBay: rann017cu4dom~
PersonalPornSite: obdr0w554pfusc8
Swiss bank: rthankyougreatgrandadheinrichubbish
Except better than just reversing and shifting them around in the middle of other junk letters, of course.
Highlight my previous post in this thread if you like SECRET PUZZLES
Indeed. That's obviously off-topic. Kindly ignore this attempt to flagrantly add communications evasively, valuing a less urgently engineered affectation. No, don't imagine generating numeric operations. Read everything directly initially, thanks. <If no secret evolves, really think some more in lexical expressions, yes?>
[1] That needed knowledge of a significant amount of the first few modules (which included very basic tutorials about the keyboard and mouse) in order to get yourself using it (never mind connected to it in the first place. Which is where the tutors, such as I came in... After telling the
least previously knowledgeable (and not everyone was at that quite low a level) how the mouse cursor and the text cursor were different, how they could use <tab> to move the cursor between fields if they preferred that to using the mouse (hey,
I do, where possible!), and giving my own advice about avoiding the Caps-Lock, but IT WAS THERE IF THEY REALLY WANTED TO USE IT... Then they could get onto the web-site properly and learn a lot of what I'd already told them about from the screen... Ho hum.
[2] Heard he died the other day. RIP.
[3] And here the big problem was writing their passwords in capitals when they weren't. (After all, they were using a keyboard with "QWERTY" keys on it, not "qwerty" ones, most of them.) Or InitialCapitalising what they wrote by hand. Or putting spaces in. Which they may or
may not have conveyed when typing it in. And once they got better with the keyboard they might have different ideas. And I make no judgement about this (because they were pretty much all new to the idea of computers and email), but the number of times I've seen email addresses being entered as "j bloggs @ hot mail . co" (yes, or ". com . uk"[4]). And this was something else the online course didn't clarify and was left up to me to try to explain.
[4] Although maybe you want to blame some of that on the decisions of the .uk domain authority that were different to (say) the .au counterparts.
[X] Sorry, am I going OT?