fuck
PCI up the nose.
my bank started using the PCI standards of "change your password every 90 days" and "can't use any of the previous past 4 passwords"
(okay. making account holders change their accounts that often isn't in the spec, but that's still their idea of password security)
since i access it all of once a month, it took me a bit to figure out that i had changed it
enough that i didn't remember in time for it to be locked out
and because the bank is crazier than the PCI spec, they permanently lock it out, i think, instead of just for 30 minutes
thus, every time i've wanted to access my account since this started, i ended up having to call to have it unlocked
so i just spent i don't know how long going through changing my password to something different 4 times
just so i can get it back to the one it was
i don't buy the security in changing a password every 90 days
it just leads to passwords being stuck to screens
left in wallets and other things
i don't mind so much the "hey, you're using a different commercial than usual, you need to answer more questions"
i think use trends like that are more useful than frequent password changes