Monday, 2 March 2009

Enter a memorable password...

Arrgh! I hate websites/systems that force users to format passwords in the way the system wants. "Your password must contain a mixture of upper and lower case". This doesn't increase the security it actually increases the chances of being able to guess it.

I'm changing my address on the DVLA government website and it's come up with this:

Enter a memorable password. The password must:

* be between 8 and 12 characters
* contain a combination of letters and numbers
* contain two or more numbers which are separated by one or more letters
* not contain spaces or the word 'password'
* not contain three adjacent letters or numbers the same (eg 'aaa' or '999')

I'm sorry, didn't you just say MEMORABLE? How the eff am I supposed to choose a memorable password when at least one of the rules prevent me from using every password that I already have stored in my brain - the ones that would therefore be memorable.

