Password Insanity?

Johnnymo62 · Jun 27, 2023

I just don't understand... Our company recently sent out an email requiring 5 factor, 15 character passwords for certain applications. They also attached this chart showing that it may take 15 billion years for hackers to find our password.

I replied to the email asking why they require any password that would last longer than a human life, give or take a few years. Of course, there has been no reply.

Is there some statistical reason to require a safe time longer than 100 years or so?

Michael_M · Jun 27, 2023

I believe it will take a computer 15 billion years to hack the account (insert humor here-- it will take a xaxianin computer 20 seconds but those computers have not even been dreamed up yet--end humor).

From my limited knowledge, it will take a computer up to 15 billion years, it 'could' get it on the first try. However, I wonder what is so critical it requires 5 factor authentication? Will all the password requirements be stored in a single password manager that has a 1 letter password

Miner · Jun 27, 2023

Maybe they had the foresight to prepare for quantum computers. Nah! This is IT after all. :lol:

Tidge · Jun 27, 2023

Obligatory link to xkcd

ChrisM · Jun 28, 2023

Well, looks like the standard password format I use (single-phase authentication) will take 34k years to crack, so I'm safe for my lifetime....

The more levels of authentication you introduce, the more likely that people will write them down somewhere as it becomes too difficult to remember them. Personally I find 2-stage authentication a big headache, and if a company is so worried about hackers that it imposed 5-stage authentication, I'm pretty sure I'd leave and find a job elsewhere

Mike S. · Jun 28, 2023

Most places require so many things to be passworded and they must be changed so often, as Chris said, people write them down and "hide" them in an easily found place. So much for security.

Bev D · Jun 28, 2023

Just throwing this out there: Data breaches seem to be a bigger and more likely threat to having passwords 'stolen'?

Johnnymo62 · Jun 28, 2023

Michael_M said:
I believe it will take a computer 15 billion years to hack the account (insert humor here-- it will take a xaxianin computer 20 seconds but those computers have not even been dreamed up yet--end humor).

From my limited knowledge, it will take a computer up to 15 billion years, it 'could' get it on the first try. However, I wonder what is so critical it requires 5 factor authentication? Will all the password requirements be stored in a single password manager that has a 1 letter password

I didn't mean to say 5 factor authentication. I should have written 5 character type passwords.

Ed Panek · Jun 28, 2023

Its much easier to send an email spoofing a user to enter their password. Brute force is not typically used.

Randy · Jun 28, 2023

It's getting a bit nuts.

Password Insanity?

Johnnymo62

Haste Makes Waste

Attachments

Michael_M

Miner

Forum Moderator

Tidge

ChrisM

Quite Involved in Discussions

Mike S.

Happy to be Alive

Bev D

Heretical Statistician

Johnnymo62

Haste Makes Waste

Ed Panek

QA RA Small Med Dev Company

Randy

Similar threads