What is your favourite password rule?

  • Blue_Morpho@lemmy.world
    link
    fedilink
    arrow-up
    6
    ·
    2 months ago

    Fine, the hacker can see I ordered vegetable vindaloo last Friday. There’s no credit card information stored.

    For banks, make your password requirements as hard as you want. For everyone else, I feel like the developers are LARPING as security professionals to make their boring job making web pages for local businesses interesting.

    • Promethiel@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      2 months ago

      For everyone else, I feel like the developers are LARPING as security professionals to make their boring job making web pages for local businesses interesting.

      Wdym my 128 bit password enabled, passkey preferred, https domaines, encryption-within-box standards-meeting secure emailing webserver powered WordPress website for my little kid’s school PTA organization isn’t a viable attack vector? Of course not, you see the web firewall…

      • Trainguyrom@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        Funny you should mention a firewall, a friend who works IT at the county shared how they had to unplug the 911 vendor’s systems from theirs (killing 911 service for the county of course) because they hadn’t updated their firewall for years. They informed the vendor “since you haven’t done your due diligence in updating anything, we are unplugging this. You can figure out the legal ramifications for yourself” so the vendor then flew someone out the next day to update it all