That's all about regulatory risk, SOX, HIPAA, GLBA, etc. Let's be honest it is a "complaint" about a password policy, at best a means to an end. Unless you read that as a complaint about the motivation, because I did not.
I can't stand this the "Security is a tradeoff with usability" line. It is not. When you lock the airplane lavatory door and the light turns on what is the tradeoff? As far as I am concerned Acme Bank's website is unusable if anyone can login as me. How usable are your funds if anyone can transfer them out of your control?
I can't stand this the "Security is a tradeoff with usability" line. It is not. When you lock the airplane lavatory door and the light turns on what is the tradeoff? As far as I am concerned Acme Bank's website is unusable if anyone can login as me. How usable are your funds if anyone can transfer them out of your control?