Quote:
Originally Posted by qasdfdsaq
Then how would they selectively only make non-compliant passwords be changed?
|
They aren't.
They are forcing everyone to change from their previous passwords to now use an insecure password schema, even if the current password met the new criteria.
It may be that they are just aligning everyone onto an existing schema, in which case they can use the password set date or account creation date to tell if it would have been compliant or not.
A 7 character alphanumeric password (7 because we know the first will always be a letter) can have every possible combination generated in 4 hours by a modern desktop. Food for thought
Also just noticed that there are plenty of words it wont allow. Virginsuck is one :p
Also just found an easy way to avoid having to change your password. I have my old telewest one memorized and am blinking well keeping it
