The software company I work for has (once again) changed its policy for login passwords. The industry trend is for tougher passwords. In a few years we'll be giving DNA samples before we can login.
Here is my company's policy in a nutshell. I'm forced to change the password after 3 weeks. The password must be nine characters long. The password must contain three of the following four things: lower case letters, upper case letters, numbers, or special characters (such as # * +).
In other words, I have to speak l33t to make a good password. Gone are the days when I could use "snugglebunny" as my password. Do you think "1PwnzUrM0mzL0lz" is an acceptable corporate password?
I've got too many user names and passwords to remember. I'm tempted to just reuse the same ones over and over. But that's just stupid. Then again, writing them down on a notepad in my desk drawer isn't the safest either.