UT Law's password requirements are ridiculous Forum

[goodolgil]

It wasn't like this at first. But now,

Please enter a new password for your UT EID. Remember, your password must:

* Be between 8 and 20 characters in length.
* Consist of some combination of letters, numbers, and special characters. The special characters that are permitted are ! @ # $ % & * ( ) - + = , < > : ; " ' ..

In addition, your password cannot contain:

* Blanks.
* Your UT EID.
* Your first or last name.
* Your birthday in any form.
* Any words found in the English dictionary or common proper nouns of four letters or longer.
* Common letter transpositions (for example, @ for a, ! for i, or zero for O).

You may not re-use any of your last 10 passwords.

You may not re-use any password used in the last 10 days.

Passwords are case sensitive. This means that if your new password contains lower-case and/or upper-case characters you must enter it the same way every time you use it.

-----

I'm finding it hard to come up with a PW I'll remember.

[eldizknee]

.

[KibblesAndVick]

Just make up a really simple code to transpose a phrase you'll remember. For example, replace every other letter with that letter's number in the alphabet. Or every other letter with that letter's number on a traditional phone.

Top Law Schools = T6P 5A9 S2H6O5S

Then throw in a random character like @ at the beginning or end. Or just put the whole thing in quotes like "password". Just be consistent about this so it's easy to remember. Putting @ in the beginning is easy because it's like Twitter and whatnot.

Your new password could be @T6P5A9S2H6O5S

[r6_philly]

That's not the most strict password requirement. It is missing - upper AND lower cases required; - no sequential numbers OR letters, forward OR backward.

It's for your safety anyway.

[DoubleChecks]

lol this is when knowing a 2nd language really comes in handy

[Pearalegal]

mine is actually quite vulgar as a result.

[HBK]

They're on the ball ever since they got hacked I guess. They had something like 55,000 SSNs stolen from students and alumni.

[kalvano]

Most of the schools in Texas are like this, with required changes every 6 weeks or something stupid. And they won't let you use the last 15 passwords used or something like that.

I think my password to UNT my final year ended up being something obscene about the sysop every time I changed it.

[Pearalegal]

Still doesn't compare to BC's system. Dear....GOD.

[goodolgil]

Still doesn't compare to BC's system. Dear....GOD.

uh yeah, I actually can't log in to it now because I have no clue what my password is, and I smartly chose to have one of my password questions be "what's up?" (I can't remember what my joke response was). Is that where they post scholarship info?

[Pearalegal]

Still doesn't compare to BC's system. Dear....GOD.

uh yeah, I actually can't log in to it now because I have no clue what my password is, and I smartly chose to have one of my password questions be "what's up?" (I can't remember what my joke response was). Is that where they post scholarship info?

Hahaha. No clue, I had to sit on the phone for 40 minutes to get my password reset. I went through all the stages of grief on that phone. Shock, anger, bargaining, sadness, ect.

[Bildungsroman]

These requirements eventually become counterproductive as complicated passwords, mandatory frequent changes, and difficult password recovery systems encourage people to write their passwords down/keep some record of it. The most impenetrable password doesn't mean shit if it's on a sticky note next to your laptop.

[r6_philly]

These requirements eventually become counterproductive as complicated passwords, mandatory frequent changes, and difficult password recovery systems encourage people to write their passwords down/keep some record of it. The most impenetrable password doesn't mean shit if it's on a sticky note next to your laptop.

This is true. However, the point of having complex and secure passwords is not to guard against human intruders, but machine intruders. Professional hackers will most likely attack remotely and anynomously without any physical access to your laptops or your sticky notes. Password generators have gotten pretty sophisticated using the dictionary, and the upgrade in requirements is absolutely necessary.

[flcath]

lulz. This thread speaks to me.

We should have the freedom to create "easily guessable" (who the fuck would be guessing?) passwords if we want to.

[weee]

UMich password requirement proved quite daunting, I have been working at a Big Gov't facility for a while and the password style I use for work didn't cut it for UMich ID, even with uppers, lowers, numbers and symbols all included.

[r6_philly]

lulz. This thread speaks to me.

We should have the freedom to create "easily guessable" (who the fuck would be guessing?) passwords if we want to.

Because if they can comprise your account, they can use to conduct illegal activities that doesn't pertain to you. They can set up phishing sites, send out SPAM, phishing emails etc... There are overseas companies that regularly probe US organizations' servers to try to compromise accounts for fraudulent purposes. If you receive a solicitation to donate money over the Internet, would it be more convincing if the email was sent from Taiwan, China, or Russia, or from a UT/UM/Uanything account?

Add: your email account is the property of the university, so they want to keep it secure regardless of your desired level of easy of access/security.

[Sangiovese]

There is a very simple method to creating strong passwords that you can easily remember.

Come up with a short phrase.
Use the first leftter of every word int he phrase.
Use a symbol replacement for one of the letters (such as $ for s).
Capitalize either the first or last letter.
Insert a number at the beginning, end, or anywhere else (second position, third position, etc...)

Example:

It was a dark and stormy night

Can become:

Iwada$n1
iwada$N1
Iw1ada$n

Or tons of other variations.

When you have to change your password, just increment the number.

[Clint Eastwood]

Make a picture on your keyboard. It'll be utter nonsense unless you look the shape you made.

[flcath]

lulz. This thread speaks to me.

We should have the freedom to create "easily guessable" (who the fuck would be guessing?) passwords if we want to.

Because if they can comprise your account, they can use to conduct illegal activities that doesn't pertain to you. They can set up phishing sites, send out SPAM, phishing emails etc... There are overseas companies that regularly probe US organizations' servers to try to compromise accounts for fraudulent purposes. If you receive a solicitation to donate money over the Internet, would it be more convincing if the email was sent from Taiwan, China, or Russia, or from a UT/UM/Uanything account?

Add: your email account is the property of the university, so they want to keep it secure regardless of your desired level of easy of access/security.

It's valid and reasonable points like these that just fucking suck the fun out of life. I hope you're happy.

[r6_philly]

It's valid and reasonable points like these that just fucking suck the fun out of life. I hope you're happy.

lol I am! You are not so, I sense.

[Thirteen]

UT undergrad is the same way. Just make up something random, and put it in your cell phone and e-mail it to your non-law school account.

[r6_philly]

UT undergrad is the same way. Just make up something random, and put it in your cell phone and e-mail it to your non-law school account.

You couldn't give another answer that's worse in terms of security well you could but this one is pretty bad.