Monday, August 08, 2005

Password Hell

So I arrive at work today and for the 3rd day in a row I get a message popup when I sign in that I need to change my password in the next 12....11....10 days.
First of all, I should say that this password is the most cryptic one I have ever used before because it requires ALL of the following:
1 upper case letter
1 lower case letter
1 number
1 special character
OK, so I had to come up with a crazy looking password and commit it to memory, and type it dozens of times per day. But now I am told I need to change it? Why? I don't understand. Really, please explain it to me. I can think of no good reason. And on top of that I learn of a new restriction:
You cannot re-use the same password you have used the past 2 times.
That prevents me from changing my password and then quickly changing it back.
Is this really necessary? I asked the Tech guys to explain to me why we had this high-level security in place and they responded, "I don't know, no good reason"
Just an exercise in frustration?
I ask around and get the actual answer and it is a recurring theme as to the root of all the problems with this place. It is aimed at fulfilling our SOX compliance (Sarbanes-Oxley Act of 2002)

So, my solution? Change my password twice, THEN change it back.
(Sigh)

Friday, August 05, 2005

Dilbert knows

This Dilbert cartoon was sent to me by a co-worker today:



It hits very close to home as we are big on Sarbanes-Oxley here.

In fact, I recently had to create a change request form for a project that required no change at all (it was already fixed by another project). So, I created a 7-page document that required 8 signatures and the instructions I wrote were: "Do nothing"