This practice is not recommended anymore, yet still found in many enterprises.

  • Affidavit@lemm.ee
    link
    fedilink
    arrow-up
    35
    ·
    edit-2
    4 months ago

    Password1

    Password2

    Password…

    Password28

    Password29

    Edit: Call IT to reset password costing the company money because of their idiotic password policy

    Password…

    Password43

    • Midnight Wolf@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      4 months ago

      No joke, my father used to have to do this. I set him up with a solid pw via pw mgr and then we found out that it had to be changed every 60d. He was going to just generate a new one but I was concerned that he’d screw it up and need help resetting the pw every time, so I was like “…just had 1 to the end, and do the same in the mgr; next time 2, then 3…”.

      He got to like 8 before (it appears, he stopped complaining about it) they dropped the policy. I just know that every other employee (these are not tech positions whatsoever) just resorted to “password1” and IT realized how fucking stupid that is.

      Oh and it retains your last like 5 passwords, so you can’t do “password1” “password2” “password1”. Brilliant.