The Pain of Passwords

"Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess."  - XKCD

While some websites have a password strength checker to gently suggest that a chosen password may not be good enough others don't give you the liberty of choosing your own password pattern while framing one.

Some websites enforce rules that THEY think will be right for their users.

They don't care if devising good passphrases or using the shift-to-the-right method work better for you. As a result of this, users will have to break their pattern of framing & the chances of forgetting a password are higher.


To me, a reasonable password policy is one that allows alphanumeric and special characters and is of five characters or more.

I have been collecting & seeking from friends, examples of whimsical password policies that they encounter online.

Here is a list of websites that have unusual policies  -

* Doesn't matter if you took care that your password is at least 6 characters long including 1 number and 1 letter, Skype still decides if your password is complex enough.

* Airtel - Three consecutive characters or numerics(!) should not be same.

* Naukri.com - Special Characters Other Than (Hyphen Underscore Dot @) Are Not Allowed

* Prometric -

• must be between 8 and 20 characters.
• must contain at least one alphabetic character.
• must contain at least one numeric character.
• can not be your e-mail address.
• can not have any spaces.
• is case-sensitive.

...to be continued