Cease and desist your password restrictions

I just tried to create an account at Bed Bath and Beyond. They said my password could only contain letters and numbers. Many sites impose various restrictions on the password, including

• Password must be exactly some length
• Password must be greater than some minimum length
• Password must be smaller than some maximum length
• Password must contain some minimum number of "complex" characters
• Password must NOT contain complex characters
• Password is actually a 4-digit PIN

What this creates is A) major frustration B) a problem with remembering dozens of totally different passwords and C) inability to have a simple "low importance" password for your dozens of accounts you aren't super concerned about.

Stop this madness. Stop your silly password restrictions. They are incompatible, frustrating, and probably not helping. See the articles below for reference, but there are many others out there if you do a web search.

References

• A Strong Password Isn’t the Strongest Security
• Secure Passwords Keep You Safer