Over the years, we've seen some fairly interesting security principles discussed here on The Daily WTF. While most in the industry already appreciate the benefits of Security by Obscurity, readers like you have contributed some fascinating alternatives including Security by Oblivity, Security by Insanity, Security by Letterhead, and and Security by Posterity. Today, I'm excited to add a new strategy for securing information systems: Security by Post-It.

With the rash of high-profile breaches happening everywhere from credit card processors to government bureaus to gaming networks, many organizations are clamping down on security to make sure that everything feels extra-secure. Now granted, many of these break-ins are a result of SQL Injection, social engineering, and simply forgetting to check authorization rules, anything could be a vector of attack – including your very own mind.

Psychics, aliens, and those dudes from Inception have no problem tapping into your brain to gain valuable intel and highly-sensitive network passwords. Realizing this serious threat, Torre Lasley’s company devised a security scheme to thwart even the most sophisticated cerebral hacker: unknowable and unmemorizable passwords. Consider this password change prompt that recently propagated throughout the enterprise.

** STOP! You must reset your password. Failure to do so will **
** cause your Network account to become locked.              **

Your password must:
• have at least 8 character(s)!
• not be longer than 12 characters!
• have upper and lower case characters!
• have no more than 8 upper-case letter(s)!
• have no more than 8 lower-case letter(s)!
• have at least 2 letter(s)!
• have a leading letter!
• have at least 1 digit(s)!
• not contain a dictionary word!
• not contain an exact dictionary word match!
• not be your username!
• not be your username backwards!
• not contain your username!
• not contain your username backwards!
• not be your username with the letters rearranged!
• not be an old password!
• have no more than 1 pair(s) of repeating characters!
• not have 3 occurences of the same character!
• not contain carat (^)
• not contain space
• not contain =
• not conatain &
• not contain #
• not contain ,
• not conatain ;
• not contain "
• not contain >
• not contain <
• not contain [
• not contain |
• not contain )
• be at least 6 characters long, contain 3/4 of uppercase, 
  lowercase, digits and punctuation marks, and may not 
  contain your user name or any part of your full name.

With passwords these complex, users will be unable to remember their password and will be forced to write it down on a Post-It note and affix it to their monitor.So long as a strong, transparent tape is used, hackers will be unable to gain access to these passwords, thereby leaving their network secure.

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!