Ok, I'm really really getting sick of web systems that require passwords, but are buggy in the way they handle them. Certain types of punctuation in the password will cause them to fail in various mysterious ways, such as claiming that two identical strings are not identical. The better ones at least recognise that they can't handle punctuation, and state that as their reason for rejecting the password, but it's still annoying. It's mind-boggling how easy this is to fix, and how many websites still haven't fixed it.
Almost as annoying are the sites that have some "clever" rule for what the password has to be: it has to include numbers, or punctuation, or mixed case, or whatever; often accompanied by restrictions, i.e. what it can't include. And they usually don't tell you about this rule until after you've typed in a bad password, certainly they don't tell you the rule when you're trying to, y'know, remember your password. I've got lots of passwords on a lot of different sites, and I can't tell you how annoying it is to try and remember, "Hmm, is this the site that has to have eight characters and at least two digits but no punctuation, or at least seven characters including at least one punctuation mark, or..." It would certainly make it easier to remember which password went with which site if they mentioned that on the login screen. And then I end up getting locked out after trying three of my passwords (which probably weren't even valid passwords for that site). Gaaahhh. Surely I'm not the only person who has this sort of problem? I pretty routinely end up having to click the stupid button that sends me my password by email---gee, that's secure.
"The difficulty of your life inspires me to become a Russian author."
--Matt Zanon
Posted
by blahedo
at 11:34pm
on 1 Oct 2002