• Dustin_00 (cs)

    18770 is nothing, you should see what the Microsoft employees have to do to log in at work!

  • pete (unregistered)

    Msgina.dll :P

  • gilleain (cs)

    The idea of a 30,000 word password isn't all that bad. You could use your favourite book, and copy/paste it into the er...textfield?

    Maybe an upload.

    I guess it would be easier to use a unique image.

  • awt (unregistered)

    That "illicit feedback" must be catching - I saw the same phrase in an email from Microsoft recently.

  • ParkinT (cs)
  • AC (unregistered) in reply to gilleain
    gilleain:
    The idea of a 30,000 word password isn't all that bad. You could use your favourite book

    Unfortunately, from a password strength perspective, this would have about the same entropy as the book's ISBN. :-P

  • Anonymously Yours (unregistered)

    Another gem from that same support document: Note that the number of required characters changes from 17,145 to 18,770 with the installation of SP1.

  • unklegwar (cs)

    I find the last one rather ironic. The last thing that users of this site should be submitting is errors in word choice and grammar.

  • SplinterOfChaos (cs)

    In programming, you may spend days trying to find a misplaced semi-colon.

    When logging in, you may spend months of company-time plus the support crew's time finding a misplaced w.

  • fanguad (unregistered) in reply to ParkinT
    Comment held for moderation.
  • BBT (unregistered)

    Also a WTF:

    What kind of requirements elicitation process has eliciting feedback as "optional"?

  • cconroy (cs) in reply to unklegwar
    unklegwar:
    I find the last one rather ironic. The last thing that users of this site should be submitting is errors in word choice and grammar.

    And by a guy who spells his name "Brien", no less. (Just kidding, man, don't take it personelly.)

  • KNY (unregistered) in reply to fanguad
    Comment held for moderation.
  • Harrow (unregistered) in reply to AC
    AC:
    gilleain:
    The idea of a 30,000 word password isn't all that bad. You could use your favourite book

    Unfortunately, from a password strength perspective, this would have about the same entropy as the book's ISBN. :-P

    How about my favorite book with one comma missing?

    -Harrow.

  • CoyneT (unregistered) in reply to awt
    awt:
    That "illicit feedback" must be catching - I saw the same phrase in an email from Microsoft recently.

    Nah. It's just the new policy: They set the requirements and users accept them.

    Users that insist upon commenting are clearly in violation of this new policy...hence these would be "illicit user comments".

  • Cloak (unregistered)

    I'm only wondering where these numbers come from. Examples like this one have been seen on WTF but those where rounding errors or overflows or whatever. Now, how does this relate to a password strategy. Obviously something went wrong, but what?

  • BlueXero (cs) in reply to gilleain
    gilleain:
    I guess it would be easier to use a unique image.

    Thats not a bad idea for something... Do some accounts require a password AND an image?

  • DaveK (cs)

    Are we running short of material or what? That MS one is pretty desparate. Since when has it been "good enough" to post a link to a bug report/KB article/FAQ entry that merely describes a bug, rather than a graphic of the requester (or whatever) showing the actual bug itself? Hell, if that's what passes for humour these days:

    http://gcc.gnu.org/bugzilla

    Go ahead, knock yourself out. Sheesh, pathetic! Even the trivial homonym typo ('illicit' for 'elicit') is funnier than that.

  • Anonymous (unregistered) in reply to BlueXero
    BlueXero:
    gilleain:
    I guess it would be easier to use a unique image.

    Thats not a bad idea for something... Do some accounts require a password AND an image?

    Yes, that's what we call "Wish-It-Was Two-Factor Authentication."

  • RobertB (cs) in reply to unklegwar
    unklegwar:
    I find the last one rather ironic. The last thing that users of this site should be submitting is errors in word choice and grammar.
    I think that's the "worse than failure" meme in action. Until I read the comments, I (and probably you) didn't catch the fact that they used "illicit" (illegal, unlawful, bad) instead of "elicit" (to ask for).

    I just assumed that the instructions told what to do if the user supplied invalid feedback, and used the word "illicit" instead of "invalid" becauses they wanted to sound fancy.

    Therefore, it passed my mental validity check... which is the definition of "Worse Than Failure". It "works", but really doesn't.

  • dkf (unregistered) in reply to RobertB
    RobertB:
    Therefore, it passed my mental validity check... which is the definition of "Worse Than Failure". It "works", but really doesn't.
    Thankfully, illicit user feedback is also optional. Users don't have to produce contraband comments!
  • Oliver Townshend (unregistered)

    I think I've seen that first one before. It's Kerebos isn't it? And I'm sure I saw it at this site.

  • Mark (unregistered) in reply to BBT

    Yeah, I saw that. And oh by the way, it's never optional. Unless you intend to quit your job the day the product launches.

  • Mark (unregistered) in reply to BBT
    BBT:
    Also a WTF:

    What kind of requirements elicitation process has eliciting feedback as "optional"?

    Darn it, meant to quote this with my above comment.

  • Mark (unregistered) in reply to BBT
    BBT:
    Also a WTF:

    What kind of requirements elicitation process has eliciting feedback as "optional"?

    Darn it, meant to quote this with my above comment.

  • sas (cs) in reply to DaveK
    DaveK:
    Sheesh, pathetic! Even the trivial homonym typo ('illicit' for 'elicit') is funnier than that.
    Typing 'illicit' for 'elicit' isn't a typo. It means you used the wrong word because you assumed there was only one word with that general sound. Oops. I think the use of 'elude' for 'allude' is a more common manifestation.

    Admittedly, to even make these errors, your light-years ahead of people who make the error in this sentence.

    sas

  • Lady Nocturne (unregistered) in reply to sas
    sas:
    DaveK:
    Sheesh, pathetic! Even the trivial homonym typo ('illicit' for 'elicit') is funnier than that.
    Typing 'illicit' for 'elicit' isn't a typo. It means you used the wrong word because you assumed there was only one word with that general sound. Oops. I think the use of 'elude' for 'allude' is a more common manifestation.

    Admittedly, to even make these errors, your light-years ahead of people who make the error in this sentence.

    sas

    CAPTCHA: stinky, which is how I feel about grammar errors

    /an English teacher Your light years what?

  • A post trophy (unregistered)

    Your light year's a head.

  • lgrave (cs)

    Just one note regarding the years: 9999 and 2008 are valid years. But 0 is not a valid year.

  • chishm (unregistered) in reply to sas
    Comment held for moderation.
  • A post trophy (unregistered)

    Your light years effect more than my light years.

    My light years couldn't even effect a special.

  • Synonymous Awkward (unregistered) in reply to BBT
    Comment held for moderation.
  • chishm (unregistered) in reply to Synonymous Awkward
    Synonymous Awkward:
    Technically, about grammar non-errors and the people who fail to correct them.
    Ah, but if you fail to correct a non-error, does that mean you correctly left it as-is?
  • awt (unregistered) in reply to Lady Nocturne
    Lady Nocturne:
    sas:
    DaveK:
    Sheesh, pathetic! Even the trivial homonym typo ('illicit' for 'elicit') is funnier than that.
    Typing 'illicit' for 'elicit' isn't a typo. It means you used the wrong word because you assumed there was only one word with that general sound. Oops. I think the use of 'elude' for 'allude' is a more common manifestation.

    Admittedly, to even make these errors, your light-years ahead of people who make the error in this sentence.

    sas

    CAPTCHA: stinky, which is how I feel about grammar errors

    /an English teacher Your light years what?

    What do you think "the error in this sentence" refers to?

  • Synonymous Awkward (unregistered) in reply to chishm
    chishm:
    Synonymous Awkward:
    Technically, about grammar non-errors and the people who fail to correct them.
    Ah, but if you fail to correct a non-error, does that mean you correctly left it as-is?
    I was going to say "fail to incorrectly correct them", but the post was already starting to sound like some of our systems documentation as it was. :-)
  • seamus (unregistered) in reply to DaveK
    DaveK:
    Are we running short of material or what? That MS one is pretty desparate. Since when has it been "good enough" to post a link to a bug report/KB article/FAQ entry that merely describes a bug, rather than a graphic of the requester (or whatever) showing the actual bug itself?
    I'm guessing there's something seriously wrong with that article - as pointed out above, the next paragraph in the article states Note that the number of required characters changes from 17,145 to 18,770 with the installation of SP1. Which is nice. You only need to add the length of short college essay to your password.

    Captcha: Scooter Vroom!

  • operon (cs) in reply to Synonymous Awkward
    Synonymous Awkward:
    chishm:
    Synonymous Awkward:
    Technically, about grammar non-errors and the people who fail to correct them.
    Ah, but if you fail to correct a non-error, does that mean you correctly left it as-is?
    I was going to say "fail to incorrectly correct them", but the post was already starting to sound like some of our systems documentation as it was. :-)

    On Language Log they've coined the handy term 'incorrection' for what someone does when they think they're correcting something that isn't actually wrong.

  • Zygo (unregistered)
    And hopefully you'd type the correct one in, rather than one of your last thirty thousand passwords.

    Don't worry about that. With average typing error rates and practically zero visual feedback, the probability of correctly typing 18770 high-entropy characters is much lower than 1 in 30689. In fact, you'll probably never repeat such a password in your lifetime, even if you tried...

    I hope the password change dialog supports cut+paste!

  • Jim (unregistered) in reply to dkf
    dkf:
    RobertB:
    Therefore, it passed my mental validity check... which is the definition of "Worse Than Failure". It "works", but really doesn't.
    Thankfully, illicit user feedback is also optional. Users don't have to produce contraband comments!
    When I'm involved, illicit feedback is never optional.
  • jeff (unregistered) in reply to ParkinT
    Comment held for moderation.
  • NotanEnglishMajor (unregistered) in reply to lgrave
    lgrave:
    Just one note regarding the years: 9999 and 2008 are valid years. But 0 is *not* a valid year.

    Sure it is, it is the one that comes after 9999 when the y10k bug manifests itself.

    -Notan

  • hfrmobile (unregistered)

    writing secure code with M$ ;-)

  • yard (unregistered) in reply to jeff
    Comment held for moderation.
  • c nothing (unregistered) in reply to pete

    i really think you need to stop what you r doing to the bible is really wrong i really hate thhat

  • Amy Cooper (unregistered)
    Comment held for moderation.

Leave a comment on “Sorry, You Used That Password 28,452 Times Ago”

Log In or post as a guest

Replying to comment #:

« Return to Article