New password cannot be one of your four previous passwords.
Password must conatin upper and lower case characters, at least two numbers and two special characters
Password cannot contain five or more consecutive letters of username.
Password cannot include any _illegal patterns_.

Locked out of your system? Drive over to HQ and ask the admins to reset your password in person.

Oh yeah, we have that too. It sucks donkey balls.

Luckily I work at the office where the admins are too, so I always go to them and say that I need to reset my password. They then let me set my password directly in their admin tool. I discovered that none of the checks are enforced there, so I can reuse my password, always!

I know it's an unsafe practice, but I use a unique password and it is long (the longest allowed), contains all kinds of characters.

But I'm sure the admin tool would allow me to set a single character too. I might try that next time! 🤔😈

@eeee Enforcing frequent passwd changes doesn't add much security anyway because like 99% of people just start incrementing some number at the end of it

This is what drove me to write a little program and just start generating random strings based on constraints, Im not gonna remember the one they force me into choosing anyways lol.

I always just look around the office and pick three random objects with names longer than 3 letters then mangle them together in a way that is easy to understand.

V1sineSp00nC@l1pers

or I just think up a pass phrase like, "Fish are friends not food" then mangle it into something easy to type out.

My workplace has pretty much the same policy plus: Passwords need to be changed every other month.

3 months into the company and your password goes from "abc123" to "AtoBtoC.1#2&3-mOtHerF*ckers"