A question for the IT wizards out there: I tend to use a small number of passwords for multiple IT systems and sites (yes, I know , but my aging memory doesn't allow for dozens of unique passwords). What gets me is that different IT systems use different rules for what are supposedly "secure" passwords. Must be x characters long; must contain at least one upper case letter; must contain at least one number, etc. No two seem to have the same set of rules .

To make things worse, some systems force you to change passwords every three months, six months, or whenever the IT person's genitals itch.

So my normal workaround is to use a proper noun that means something to me, followed by a number. When I'm forced to change I simply increment the number by one. On one system I'm up to 14. More recently I ran across a new one: the password had to contain a "special" character such as ?!#*, etc.

Now the question: does all this horse manure *really* make things more secure, or is it just window dressing to make the IT geeks look like they're doing something useful???