Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 9 Apr 2016 10:22:18 +0200
From: Patrick Proniewski <>
Subject: Re: Password creation policies

On 08 avr. 2016, at 08:36, Per Thorsheim wrote:

>>> law saying we are not allowed to write down our passwords.
>>> Something I'm trying to change btw.
>> Do you have some pointers to countries with law banning the
>> write-down of passwords?
> Received from an employee at a Polish university in spring of 2014:
> --
> Just for your information (to add to the curiosities list), I have found
> the formal reason for the requirement to change passwords every 30 days
> ../..
> Rough translation: "In case when users are authenticated by password,
> the password must be changed no less than once every 30 days. The
> password must be at least 6 characters long."

That's about changing passwords every 30 days, not the interdiction of writing those passwords somewhere. I've google-trad the full PDF but couldn't find such interdiction. But that's no big deal. And I find pretty amusing they wrote in a law the minimum length of passwords :) (and that limit is obviously too low).


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.