Bei OliverOlaf (danke Guido) gesehen, erinnerte es mich gleich an diverse andere behinderte Passwortrichtlinien die auch bei uns an der Uni kursieren.
Please enter a password that follows the following guidelines established by corporate security:
- Be at least 8 alphanumeric characters long.
- Contain both upper and lower case characters (e.g., a-z, A-Z)
- Have digits and punctuation characters as well as letters e.g., 0-9, !#$%^&*()_+|~-=\`{}[]:”;’<>?,./). One or more of the characters from the second (2) to sixth (6) positions must not be an alphabet character e.g. between A-Z or a-z.
- Are not words in any language, slang, dialect, jargon, acronym, etc…, known to the individual creating the password
- Are not words that have the O’s changed to zeros and/or I’s to pipes.
- Are not based on personal information, names of family, etc.
- Be significantly different from prior passwords. For example, users must not use “cyclical” passwords, as they contain the same basic content as previous passwords, but with only a part of the content changed.
Aus dem Handbuch zu: “Extranet User and Application Management System” von Micosoft IT…
