Posted by
admin on February 28, 2009

I've been changing passwords around lately, something that I like to do every once in a while to keep myself on my toes, and I have to say that I am still shocked to see some of the requirements in place by certain places. More than 1 financial institution has password limitations that actually weaken what you can do!
For example, here's the policy from American Express:
# Contain 6 to 8 characters - at least one letter and one number (not case sensitive)
# Contain no spaces or special characters (e.g., &, >, *, $, @)
# Be different from your User ID and your last Password
Seriously? I'm limited to an alphanumeric password no larger than 8 characters and no smaller than 6? I understand that they have other limitations in place to prevent a computer from brute-forcing the password, but I can't help but think these requirements are unhelpful and unnecessary.
It's time for all webmasters who store passwords to make sure that these silly limitations are removed. Here are some policy recommendations:
# Special characters and spaces should be allowed and even encouraged.
# Minimum password length enforcement makes sense, but if you're going to have a maximum make sure it's at least 16 characters.
# All passwords should be encrypted and salted in your database.
# Require 5-10 seconds in between each failed login.
Finally, provide your users with a password strength indicator so they know if they've selected something easy to break. Microsoft actually does a great job of this. Assuming you can find how to change your password in Hotmail, they provide good feedback when you do it. They even have some recommendations of their own you should look at.
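To put numbers on the comparison, here is an added example (not part of the original post) that counts the passwords the quoted policy allows, compares that with a policy that permits spaces and special characters up to 16 characters, and shows why the login delay alone does not protect a stolen password table. Assumptions: 95 printable ASCII characters, a minimum length of 8 for the open policy, and an offline guessing rate of 1e9 per second.

```python
import math

LETTERS, DIGITS = 26, 10   # "not case sensitive": upper and lower case collapse
PRINTABLE = 95             # assumption: printable ASCII including the space

def restricted_keyspace(min_len=6, max_len=8):
    """Passwords allowed by the quoted policy: alphanumeric only,
    at least one letter and one number (inclusion-exclusion per length)."""
    alnum = LETTERS + DIGITS
    return sum(alnum**n - LETTERS**n - DIGITS**n
               for n in range(min_len, max_len + 1))

def open_keyspace(min_len=8, max_len=16, alphabet=PRINTABLE):
    """Passwords allowed when spaces and special characters are permitted.
    min_len=8 is an assumption; max_len=16 is the post's suggested floor."""
    return sum(alphabet**n for n in range(min_len, max_len + 1))

def bits(keyspace):
    """Size of the search space expressed in bits."""
    return math.log2(keyspace)

def seconds_to_exhaust(keyspace, guesses_per_second):
    """Worst-case time to try every allowed password at a given rate."""
    return keyspace / guesses_per_second

def restricted_accepts(password, user_id, last_password):
    """Server-side check for the three quoted rules."""
    folded = password.casefold()
    return (6 <= len(password) <= 8
            and password.isascii() and password.isalnum()
            and any(c.isalpha() for c in password)
            and any(c.isdigit() for c in password)
            and folded != user_id.casefold()
            and folded != last_password.casefold())

if __name__ == "__main__":
    year = 365.25 * 24 * 3600
    small, large = restricted_keyspace(), open_keyspace()
    print(f"restricted: {small:,} passwords, {bits(small):.1f} bits")
    print(f"open:       {bits(large):.1f} bits")
    # One guess per 5 s is the post's login delay; 1e9/s is an assumed
    # offline rate against a leaked password table.
    print(f"online, 5 s delay: {seconds_to_exhaust(small, 1/5) / year:,.0f} years")
    print(f"offline, 1e9/s:    {seconds_to_exhaust(small, 1e9) / 60:.0f} minutes")
    # Constructed sample: a 15-character password with a space and symbols.
    print(restricted_accepts("blue Kettle#42!", "jdoe", "old1pass"))
```

The login delay only slows guesses made through the login form; once the stored passwords are copied, the size of the allowed password space and the way passwords are stored are what remain.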
Posted by
admin on February 27, 2009
On this episode of The Meat, Robbie uses an application called Ubuntu Tweak to make some changes to simplify the process of tweaking Ubuntu. A step-by-step of the featureset of Ubuntu Tweak. 9 minutes 46 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Robbie shows you how to back up your sources.list file in /etc/apt. 1 minute 16 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Carrie and Robbie discuss what a repository is on Linux, and what kinds of advantages there are to using it to install your programs. 1 minute 44 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, a viewer asks Robbie why he has a distaste for Gizmo and Michael Robertson in particular. 4 minutes 11 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Robbie talks about the exploit in Adobe Reader and explains what you need to do to protect yourself. 3 minutes 38 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Robbie explains a little about what Category5.TV is about for a viewer who joins us for the first time. 1 minute 1 second.
Posted by
admin on February 27, 2009
On this episode of The Meat, a viewer asks Robbie to recommend a video capture software for Ubuntu Linux. 58 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Robbie explains how you can use a disassembled external drive enclosure to create your own makeshift IDE hot-swap station, similar to how the Thermaltake BlacX works for SATA. 3 minutes 59 seconds.
Posted by
admin on February 27, 2009
On this episode of The Meat, Carrie reads a viewer testimonial which gives Robbie an idea for a T-Shirt. The shirt is now available for purchase in our Cafepress store. 34 seconds.