Some interesting comments
“ ‘Acking zee Tweeter “
I've always felt that way about passwords.
It probably depends on how much shoulder surfing is going on around you.
I once worked somewhere where they wouldn't tell you the Password policy -ie how many characters, what kinds, forbidden characters, etc. You had to implicitly (or not) figure it out when the monthly message came up to enter a new password. So stupid!
It took me about five minutes to figure something out the first time. All it would tell you was "invalid password - reenter".
It turned out to be 14 or more characters, no special characters, no two characters the same in a row, and only two numbers, or something equally as dumb.
Repeat - idiots.
Buffer Overflow -> IT Works.