Passwords - 64 Characters, Changed Daily?

isepic writes "It seems over the past few years that the password requirements have changed - each time making it even more difficult to crack. My company just changed its password requirements from 180 days down to 90 for most servers and from a minimum of six characters up to eight. So, as parallel processing computer clusters gain in power according to Moore's law, how are we expected to change them in the next 2-10 years --- and how often?"

"Hopefully by then, there will be a better way, but I really don't want to have to change my password every 8 hours, and not be able to use the last 5 I've used, AND have them each be some awfully long and complex string of hard-to-remember ASCII codes just because a computer can crack a 32 char password in 10 seconds.

What are your thoughts? Do you think one day we'll be SOL, or do you think something 'better' may come (e.g. biometric scanners on every keyboard and or mouse and or monitor - etc.)"

Re:Just do what I do

[vettemph]

Damn straight. Every time password change is forced, I change all of mine( 5 of them)... to the exact same thing.
I also keep "codes.txt" on my desktop and I write my voicemail password on my phone. I'm plain old sick of this crap. I just want to do my engineering job, I din't give a damn about security anymore. (...at work anyway.)

I am strongly against any kind of bioID. I want a USB badge type thing. If an RFID badge is good enough to get me in the front door, why can't it log me into the network?

The only weakness in our network is a security hole called windows. If we would all install linux we would be able to rest a little.
And another thing: IT deparpments have created all this paranoia just to keep themselves employed.

Boy, don't get me started!!! :) have a nice day