By Ken Perrott 02/04/2015


And after all that there is the problem of remembering the password(s).

  • I recently had to reset my password for Auckland Uni’s “Student Services Online” and ran into a couple of really poor practices.

    An ideal password has two qualities: it’s easy for you to remember, and it’s hard for someone else (or a program) to guess.

    Auckland Uni requires passwords to have exactly 8 characters, which makes them harder for you to remember and easier for a program to guess. They also don’t seem to ever let you recycle passwords, which again makes them harder for you to remember.

    It’s surprising how common poor password practices are. I remember being rather shocked a while ago when I mistyped my online banking password but was still logged in successfully. It turns out their passwords aren’t case sensitive, which is really really stupid.

    RegisterDirect is even worse. They have a way for you to log in by having your username and password in the URL, which both makes your browser remember it without you asking it to and, worse, lets anyone on your network pick up the traffic and find out what they are. Their employees are also able to look at and manually alter your passwords, which is horrible practice and also means they’re stored in plaintext – another horrible practice that means if RegisterDirect is hacked then the intruder can know your password. Best practice would be that they can generate a link for you to use to reset your password, and it will not be stored unencrypted in their database.
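The points raised in the post above (passwords stored so that staff can read them, a reset link instead of a human-readable password, and case-sensitive checking) can be shown in a few dozen lines. The following is an added example written for this page, not code from Ken Perrott, Auckland Uni or RegisterDirect. It assumes an in-memory record store, PBKDF2-HMAC-SHA256 with a salt per user for the password hash, a 15-minute single-use reset token of which only a SHA-256 digest is kept, and an iteration count picked for illustration; a production system would persist the records and tune (or replace) the hashing parameters.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional

# Assumed parameters for this example: PBKDF2-HMAC-SHA256 with a per-user
# 16-byte salt. The iteration count is illustrative; tune it (or use a
# memory-hard function such as scrypt/Argon2) in a real deployment.
PBKDF2_ITERATIONS = 200_000
SALT_BYTES = 16
RESET_TOKEN_TTL_SECONDS = 15 * 60  # assumed policy: reset links live 15 minutes

# Stand-in for the user database (constructed for the example): username -> record.
# The record never holds the password itself, only salt + hash, so an intruder
# who copies this store still has to guess the password.
users = {}


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the stored verifier from the password and a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def register(username: str, password: str) -> None:
    salt = os.urandom(SALT_BYTES)
    users[username] = {"salt": salt, "pw_hash": hash_password(password, salt), "reset": None}


def verify_password(username: str, password: str) -> bool:
    """Byte-exact (hence case-sensitive) check against the stored hash."""
    rec = users.get(username)
    if rec is None:
        # Burn the same work for unknown users so timing does not reveal who exists.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    candidate = hash_password(password, rec["salt"])
    return hmac.compare_digest(candidate, rec["pw_hash"])


def issue_reset_token(username: str, now: Optional[float] = None) -> Optional[str]:
    """Create a reset token to be sent to the user out-of-band (e.g. in a link).

    Only a digest of the token is stored, so staff or an intruder reading the
    database cannot use it; the plaintext token exists once, in the link itself.
    """
    rec = users.get(username)
    if rec is None:
        return None
    token = secrets.token_urlsafe(32)
    rec["reset"] = {
        "token_hash": hashlib.sha256(token.encode("ascii")).digest(),
        "expires": (now if now is not None else time.time()) + RESET_TOKEN_TTL_SECONDS,
    }
    return token


def redeem_reset_token(username: str, token: str, new_password: str,
                       now: Optional[float] = None) -> bool:
    """Consume a valid, unexpired token and replace the password hash."""
    rec = users.get(username)
    if rec is None or rec["reset"] is None:
        return False
    pending = rec["reset"]
    now = now if now is not None else time.time()
    if now > pending["expires"]:
        rec["reset"] = None  # expired tokens are discarded, not left to linger
        return False
    presented = hashlib.sha256(token.encode("ascii")).digest()
    if not hmac.compare_digest(presented, pending["token_hash"]):
        return False
    rec["reset"] = None  # single use: a leaked link cannot be replayed
    rec["salt"] = os.urandom(SALT_BYTES)
    rec["pw_hash"] = hash_password(new_password, rec["salt"])
    return True


if __name__ == "__main__":
    register("alice", "Tr0ub4dor&3")
    print(verify_password("alice", "Tr0ub4dor&3"))   # correct password
    print(verify_password("alice", "tr0ub4dor&3"))   # wrong case is rejected
    link_token = issue_reset_token("alice", now=0.0)
    print(redeem_reset_token("alice", link_token, "NewPassphrase!", now=60.0))
    print(redeem_reset_token("alice", link_token, "Again", now=61.0))  # already used
```

Note what the store contains at any moment: a salt, a slow hash, and (while a reset is pending) a digest of the token. Nothing in it lets an operator read or hand out a password, and the reset link is useless after one use or after its window closes.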