Personally I think it's better for a human to remember an obnoxiously long password rather than change to a short but easily-crunchable one every couple of weeks.  After months of use, it is much easier to recall.

On the down side if anyone is listening to my thoughts then I'm like a goddamn password broadcaster.

Okay, I laughed.

    It's funny now,  it wasn't so for the two plus years I dealt with it on am IL State run website.

Good one, Doc.

Lol i get the same thing from my msn account.The reset never lasts long i just did a new one last week ,they will be asking me to change it again soon. i am running out of ideas

Well there are online options like LastPass (which admittedly have had some problems which I think have been fixed up), and a home program called KeePass where you store your passwords on your home computer in a (somewhat) encrypted form.  I know that LastPass uses a master password, I think KeePass uses one too.

I work on websites and sometimes I have to write such login checks... imo it's pretty stupid and those conditions make passwords less secure (because any condition means there is less randomness).

For instance, take the condition that there should be two numbers in a password ... that doesn't increase security, not at all.

Or take the condition that there should be at least two #%&! special characters in a password ... that doesn't increase security either.

Only in an alternate universe to ours...

the only Security changing seems to help is IT job security.

At work you get a popup two weeks before you have to change your password asking if you want to change it now.

Then, every day or every re-start of your computer, it asks if you want to change it now!

Makes me want to change it with a hammer!

Find the dude at the other end and do this...

Take said hammer in hand...raise high overhead and with judicious aplomb.......BLAM! All done. 

Oh god, I work for the government, and this is my life.  And I train people, so when they set their own passwords and forget them, they come to me like I am suppose to magically know what they set their passwords to.  

Additional character requirements do increase security.

When you write a program to try every possible combination, special characters, numbers and capitalization requirements all increase the combination set you have to run through.

The problem is it's fucking pointless because a 10 letter password is unbreakable.  A super computer may be able to break a hundred digit password in a matter of minutes, but if the super computer is 10ms across the internet, it might as well be a 486.  It would be over 30 years just to try every combination in a numeric password, you'll be dead a thousand years before a 10 letter password gets hacked over the internet, barring revolutionary leaps in networking that remove latency from the equation.

https://howsecureismypassword.net/

Sites like this seem to think you're going to be using the login server to crack the passwords.

Now if you used a dictionary word, well...  There's only a couple hundred thousand after all, even over the internet a password that weak can be broken.  Then again, any system worth a damn should be doing a lockout after 3 failed attempts in a row.  If something is trying to log in four hours straight, they have bigger security problems than password strength.

Where it will matter is when they get hacked.

Yes, psychoak is correct ..... the issue with passwords is their 'choice'.

'PASSWORD' is a password, but it's not exactly a good one....

It's actually not difficult to remember a password that is over ten characters, if you use it every day.

The problem your brain has (in my uneducated opinion) is separating and remembering the seemingly-random letters and numbers you chose.  So use symbols in your password to break it into chunks.  You play to the associative stregnths of the human brain this way, because you only need to remember one part of your password to trigger remembering the other parts and what order they all go in.

Well, that's the theory anyway.

My thing is long sentences, some meaningful some nonsensical and all greater than ten characters. One that I have is 17 characters long. Lets see some dinkleberry break that.