I just found the center for password sanity. My joy lessened as I re-read the title and discovered it was the center for, not center of password sanity 🙂
I’m currently working on a system where I have different passwords (and usernames) for
- LAN login
- HelpDesk login
- Firewall login
- Internet login
- Server logins
- Other Applications, 1 per app
They are updated at irregular intervals and have different rules about how often you can repeat, number of characters. There is one which specifies atleast 6char + 2 numeric – but no! it’s has to be exactly 6+2 with no repeats for 12 passwords.
And then LAN admins wonder why people store them in files!
I did wonder if new passwords are checked for relevant strings and passed to HR as a staff retention trigger as some of the passwords I have become aware of give major clues that the person maybe leaving shortly.