Password Requirements – Small Rant

I’m not sure how many of you guys share my views about passwords. Or maybe I just don’t feel comfortable with other people telling me what to do. Yeah, I think that’s it. If I decide that my password is going to be qwerty, password, letmein, or even 123; I think that’s my business. Don’t get me wrong, I totally understand the reason behind this. Some sites are trying to protect the users against themselves.

Reasonable Requirements

Now some of these requirements I can understand. Some of them are actually reasonable. I can deal with a minimum length; although these days they seem to be getting longer than eight (8) characters.

I just don’t think that I need this type of protection. Although I don’t use the same password for every website (any more, lol). Currently, I use an algorithm to generate a password for a new site. It’s a combination of a common stem or base and appending the service name that I’m logging into (eg. Yahoo, Gmail, etc.)

My Problem With Requirements

Currently, my stem only consists of lowercase letters and numbers. I know it’s not the most secure base, but it’s long enough and it serves the purpose. What I can’t stand is a site that needs me to enter a special character or an upper case character.

Call me crazy, I just hate having to hit the stupid key when I need to be typing in a password. Hell, I hate holding down the shift key, period. So for all you website administrators out there, please don’t force me to do anything I don’t want to. The only thing this results in, is me forgetting my password the next time I come to your site.