Password Resets – please read

This message was sent with High importance.

Sent: 01 April 2009 08:31

To: Red-Gate

A few people have run into problems where they’ve been asked for their password, mid-afternoon while accessing file shares or Exchange. This is occurring because we’re changing our password expiry cycle from the current 1 year. We were reducing it bit-by-bit to avoid affecting everyone straight away – but we’ve realised that we need to accelerate this program.

The new policy will require you to change your password every 14 days, and this will come into effect at 12pm (noon) today. We will require you to have a stronger password than before, with more non-alphanumeric characters (i.e. punctuation). An example of an appropriate password would be @pr1!FuLe

If this is likely to cause you great inconvenience, we can arrange for a slightly more lenient reset frequency – we recognise it’s the job of the IS team to remove the treacle, so if you could write us a letter on company-headed paper, counter-signed by your line manager and both Neil and Simon, that would be great.

Have a good morning,

Gareth

–

Gareth Marlow, Head of Information Systems, Red Gate Software Ltd.

Pwned at least five people with that one. The more serious point is that there was an expectation that an IT department would even consider pulling a stunt like that. IT departments have bad PR but sometimes, we’re our own worst enemies.