You’ll enjoy this. To improve security I’m forced to change my password for the Dutch tax website at least yearly. Easy enough, wouldn’t you think?
Translated:
Your password should:
- be different from your previous passwords
- have 3 characters not in your previous password
- be at least 6 characters long
- not contain more than 3 identical characters
- contain at least 3 letters
- contain at least 1 digit
These rules, combined with a given username analogous to NL0001239988 make it impossible for me to remember my credentials. As a result, I have to write them down, making it less safe. The first time I had to think up a password for the site, the result was fuck123. Somehow, these rules don’t work with me.
Additionaly, the Belastingdienst stores all my past passwords! If they’re so concerned about security, they should not store passwords at all. Every developer should know that.
Sigh. I don’t mind paying taxes. I do mind the hassle and illogic.
Can we say OpenID or better yet DigiD?