"If I have to change it every XX days, I tend to pick very easy to remember pass... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		pert on July 14, 2009 \| parent \| context \| favorite \| on: Do Strong Web Passwords Accomplish Anything? "If I have to change it every XX days, I tend to pick very easy to remember passwords, and just change a digit at the end of it every time. As a result of this password "enhancement" system, I think I personally have much weaker passwords." Assuming that "XX days" === 'less than 100 days', I totally agree. We use a six month password cycle at work, and I think that's reasonable as it only takes me a few days to remember a password that I use tens of times a day. If it's a password that I use less frequently or a change is mandated more frequently, then I would do the same as Bruce and use something more obvious or only make small changes to the password each time.

lucumo on July 14, 2009 [–]

> [...] I would do the same as Bruce and use something more obvious or only make small changes to the password each time.

That's not Bruce. That was a comment from a reader.

pert on July 14, 2009 | [–]

Doh!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact