What's this? I need to have a number, a special character, but you also support passphrases? But what if I don't want a passphrase like:Your new password must:
Have at least 1 alphabetic character – A-Z
Have at least 1 number – 0-9
Have at least 1 special character – punctuation, spaces, symbols, etc.
Have between 8 and 512 characters – long strings and sentences are fully supported!
Passwords must match.
I saw a horse taking a number 2!
Obligatory: xkcd: Password Strength
I'm not sure what the hell they were thinking with this. The policy is not the problem. If someone was able to discover passwords from what they store in the database, it's a Trion fail, not a password fail. If all you do is store an MD5, you fail. If you store it in a reversible encryption (as their message implies), YOU SHOULD BE FIRED AND BANNED FROM IT WORLDWIDE FOR INCREDIBLE INCOMPETENCE. An unnecessary change that can only be described as stupid.