In never cease to amaze me how little creative people are. Unless I enforce password complexity and password aging, I can use a default password to log on to most accounts two years later.
Then again, we can not enforce too much complexity either, it only serves the purpose of making the network less secure.
Why you may ask, and I'll answer it for you. I was called to fix a troublesome network for a Norwegian branch of a German company which turned out to be a virus having a party. In each and every office, the password was found on a Post-It note either under the keyboard, at the back of the screen or in plain sight on the desk.
Now that is a non-working security policy for you, and goes to prove what I always say: IT security will only work in conjunction with the users. Try as you might to enforce the strictest and most rigid password security policy on the planet and I can already guarantee you will fail in achieving your goal.
Well back on track, for anyone finding this thread who chuckle because they recognize themselves - let me teach you a trick.... called keyboard-tracking. This technique is simple and it is easy to create very advanced passwords using it.
A password like Sr4Dt5Fy6 could be considered advanced and if you look at your keyboard, it follows logic and so it is easier to remember while avoiding the names of kids, pets and so on. Find the most advanced keyboard track that suits you, do not tell anyone and stick to it, shift one step left or right when forced to change.
Good, now you are the user of my dreams :bigsmile: