Not particularly related. This is not about having better or worse minimum requirements, it’s about the absurdity of (such low) _maximum_ requirements. The point is, I want to use a secure password, and I _can’t_. That’s not true of BMO.
The point is…
Your post reads only “offered without comment”. ¯\_(ツ)_/¯
Having said that…
I want to use a secure password, and I _can’t_. That’s not true of BMO.
“actors’ frank whisky affadavits” is a secure password. You cannot use this on BMO.
What BMO does do nowadays is narrow the space of valid passwords. That’s not good. It does so by imposing some silly restrictions that were a bad idea yesterdecade (because it means that in order to maintain comparable memorability to passphrases like the preceding example, most people are going to end up picking ones that are less secure). I.e., BMO is discouraging secure passwords like the one above in favor of weak stuff like “Kerfuffle9”. That’s not good, either.
I just changed my password on my local install of the BMO codebase to “actors’ frank whisky affadavits”. Are you sure that’s not valid?
From bug 1177911:
This may belong in the product for Bugzilla proper and not b.m.o; I’m not sure if this is site-specific configuration problem or not.
At least it’s better than Virgin Media, who insist on a password between 6 and 10 characters :-/
Wow, so bad! Come on Microsoft, you can do better than that!
They used to let you use longer, and then this amazing error message appeared: http://micropipes.com/temp/mserror.png
OMG, I was complaining the exact same thing couple of days ago
https://twitter.com/AmrEldib/status/630454955300622336
I heard from @Outlook saying that “That’s simply how it’s designed”
https://twitter.com/Outlook/status/630480624294449152
Must be an NTLM back-end. :)
In related news, bug 1177911.
Not particularly related. This is not about having better or worse minimum requirements, it’s about the absurdity of (such low) _maximum_ requirements. The point is, I want to use a secure password, and I _can’t_. That’s not true of BMO.
Your post reads only “offered without comment”. ¯\_(ツ)_/¯
Having said that…
“actors’ frank whisky affadavits” is a secure password. You cannot use this on BMO.
What BMO does do nowadays is narrow the space of valid passwords. That’s not good. It does so by imposing some silly restrictions that were a bad idea yesterdecade (because it means that in order to maintain comparable memorability to passphrases like the preceding example, most people are going to end up picking ones that are less secure). I.e., BMO is discouraging secure passwords like the one above in favor of weak stuff like “Kerfuffle9”. That’s not good, either.
I just changed my password on my local install of the BMO codebase to “actors’ frank whisky affadavits”. Are you sure that’s not valid?
From bug 1177911:
See also: attachment 8626751 from that bug.