#1
Nov 20, 2013Sorry, but I am forced to yet again change my password on the El Al website. Can I just say the password rules are absolute insanity? What's with the four numbers and four letters garbage? I have a number of very secure very good passwords memorized, but I'm reduced to using easy-to-remember sets of numbers and real words to comply with El Al's password policies.
I work for an organization with some of the most strict password rules there are, and even they aren't this silly.
Not to mention all the other errors and issues with the site...
/rant
I work for an organization with some of the most strict password rules there are, and even they aren't this silly.
Not to mention all the other errors and issues with the site...
/rant
#2
I agree, there have been reports that there is no additional security in having people constantly change passwords. That being said what i usually do is just keep increasing the last digit of the password by one and leaving everything else the same. --easier to remember this way!
#3
Quote:
Ha! I do the exact same thing!Originally Posted by awayIgo
I agree, there have been reports that there is no additional security in having people constantly change passwords. That being said what i usually do is just keep increasing the last digit of the password by one and leaving everything else the same. --easier to remember this way!
The LY password policy has been driving me looney for years. . . . but you should all know it emanates from a flawed concept that originates with the Bank of Israel, which mandates these constant password changes on all Israeli banking sites, which trickles down to companies like El Al. The concept is to make you change the password often enough that a thief/hacker won't let on to you. But its flawed because when you have a password that you can easily remember, you are less likely to record it anywhere except in your mind. When you have a whole bunch of different passwords and they are constantly changing, then you are far more likely to record them in a file on your computer or on an online storage site - and thus are far more exposed and likely to be hacked. For the country that gave us Checkpoint and the kernel of Norton antivirus, this is a pretty lame and not thought out security breach.
But its not just LY - though, as far as I know, LY are not required to comply with this policy because they aren't under the BofI's jurisdiction - they voluntarily chose to adopt it. Have no fear, though: Nobody in LY management has a clue about this. Their whole IT setup was one-time outsourced to some external company who just made it up as they went along and didn't work off of any spec. There is no other way to explain the ridiculous and embarrassing state of LY's web presence, reservations systems, call center routing or anything else related to technology which is ALL done very badly by them.
#6
hnussbacher , May 23, 2012 12:19 am
Complaint passed onward to Elal IT Manager.
#7
economyman , May 24, 2012 2:57 pm
Quote:
I do wonder if that will do much good. I wrote an extensive well devised email to LY a long time ago explaining why the security measures on their website, primarily around the completely and utterly ridiculous implementation of the password, are simply put no good.Originally Posted by hnussbacher
Complaint passed onward to Elal IT Manager.
Well, a lot of good that did. BTW - I have not had to change my password / PIN with any other airline / hotel loyalty scheme, etc. for more than 10 years...
#8
Quote:
Well, a lot of good that did. BTW - I have not had to change my password / PIN with any other airline / hotel loyalty scheme, etc. for more than 10 years...
The main issue is that they REQUIRE four letters and four numbers - I have *much* stronger passwords than this, and it won't let me use them.Originally Posted by economyman
I do wonder if that will do much good. I wrote an extensive well devised email to LY a long time ago explaining why the security measures on their website, primarily around the completely and utterly ridiculous implementation of the password, are simply put no good.Well, a lot of good that did. BTW - I have not had to change my password / PIN with any other airline / hotel loyalty scheme, etc. for more than 10 years...