When I am setting a password, I expect to be able to use special characters. Nothing crazy, just the ones above the number keys.
It seems that more and more often, websites are restricting the use of these characters. Why?! Because they are too lazy to program their web backends to not go haywire when processing them. More frustrating, they all disallow different sets of characters!
Proudly, you make a password that looks like complete gibberish, but this site says “You’re blowing my mind, man!”, so you change it slightly, substituting a character perhaps. Then you get to another website, and the character you changed is allowed, and the one you changed it to is strictly forbidden.
Oh, and don’t forget the sites that restrict you to only 8 characters. We wouldn’t want to make it difficult for brute force hacking, would we? We wouldn’t want to force you to rewrite the table schema you wrote back in 1996. Too much trouble, I understand.
And don’t even get me started on password recovery questions. Where was I born? Gee, no one else knows that top secret information. My pet’s name? Oh no, I never have visitors or post pictures of her online. My mother’s maiden name? Geneology information is a closely guarded family secret! Give me a break. Let me pick my own obscure and nonsensical question that only I know the answer to: “What platonic form does a minute have?” “An eggcarton.”
Makes total sense to me.
Dear Internet: Stop forcing me to use simple passwords, and stop making it so easy to social engineer the mechanisms to reset them.
