We have this one system/aplication at work that requires you to change your password quite frequently. Usually I have 3 work related passwords that I use, rotating them so I don't forget how to get back in to applications/websites, etc. (you usually get 3 chances before you get shut out, hence 3 passwords. Pretty smart, huh!?)
However, this system, is one of those you may need to log into once or twice a month, so it's not a password fresh on your mind.
Here's where it gets obnoxious:
The password MUST be changed every 90 days.
The password MUST be at least 10 characters long. TEN!!!
The password MUST contain at least one number.
The password MUST be a new password that hasn't been used in the 10 prior times. 10 Prior Times!
Talk about the need for extreme creativity!!!
In addition, when you log in, it sometimes asks you for your Company ID:
aemcrbdfxbavcgec (this is not the actual ID, I swapped out 4 letters.)Seriously, do we need this type of extreme security for my expense reports? I mean...
- It's not like they ccould change the way the money gets reimbursed to me since it comes to me as direct deposit like my pay checks.
- It's not like they can submit an expense report to try and get money, because I have to email, fax, or mail in all the receipts to get it approved.
- It's not like they can pull anything interesting out of there, unless they want to know where I ate lunch in Dallas, how many water bottles I buy at the airport, and how much car rentals and cabs cost in different cities.
That's just plain obnoxious by the company who makes that software. Seriously, they think way too highly of themselves.
1 comment:
Ummm....I only change that password MAYBE once a year when prompted to do so. And you only have to enter the ID if you've cleared your cache/cookies. But overall, I agree that it's ridiculous.
Post a Comment