[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 15/10/2016 15:04, Brad Rogers wrote: > On Sat, 15 Oct 2016 12:06:34 +0100 > Henry Bremridge <henry.bremridge@xxxxxxxxx> wrote: > > Hello Henry, > >> The UK Government have launched a secure ID site >> https://www.signin.service.gov.uk/about-certified-companies > > Seems you have to register/log in to read that page..... > > Choose a password between 8 and 12 chars. It must contain at least one > numeral (0-9) and one lower case letter (a-z) no special chars and not > contain the word password. I think I'll pass, thankyouverymuch. > > Putting restrictions like that on password choices makes it much easier > to crack them: You know length limits, and have character restrictions, > severely limiting choices. > > > My existing Government ID on old government ID system was limited to 12 characters. It appears this is limit in many government database password set ups. (remember they set these up in DOS / XP days! Presumably they gave this to the outside companies as 'specification'. Crass it allows easier cracking as noted above as specification of field is known. -- regards Eion MacDonald -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq