Password Policies
Poor, or non existent, password policies are leaving too many people open to attack. In fact, there are many companies and websites who continue to require weak and insecure passwords. Yes, they require them.
I know that my bank does this. So does American Express and ING Direct. Try to enter a password with special 
characters. They wont let you. Try to enter a password more than 8 characters. They don’t allow it. It is frightening, to say the least. My financial data – my money – is only secured by a combination of letters and numbers up to 8 characters long.
My typical password is at least 10 characters long and is always a combination of lower case, upper case, numbers, and at least 2 special characters. I have been forced in many cases to use a much simpler password.
Combine that with the fact that most people use easily guessable passwords, such as their Read more…