Do I really need a password like this?

[BeanAnimal]

It depends on what the site that has the password is.
Does it have any valuable information stored? Credit card info, etc?
If it's just a forum... yes, it's excessive.

But.

Use a password manager (I use LastPass, and can recommend it), and use it for everything. It will make a password as complicated as the site needs, and all you need to do is remember the main password manager password. I use it for everything that needs a password, except super high-risk things like my bank login. For those, I have my own, strong, complex password.

--Gray

It is a patently ridiculous way to enforce password complexity, regardless of the data being protected.

 

[BeanAnimal]

My passwords are not intelligible.
I create passwords by turning my keyboard upside down and randomly typing at least 12 characters.
I will then choose various letters and capitalize them and add the special character if needed.
Of course this is only for sites and systems that must be secure.
The rest I have a generic PW.

why be so hard on yourself?
Dog9Trees7Red! Has more entropy than your 12 random characters and can be easily remembered.

Choosing words based on context makes them easy to remember.
Your online banking password for example.
Your bank is brick it has an elm tree in the yard and is in next to a donut shop 3 miles from your house.
Brick3GlazedElm!

or you drive by a farm on the way to work It has 2 barns
your email password
GoatJumpsNearBarn2

easy to remember even if you forget and has nothing to do with your life, social media or any other mineable attribute

skip the character replacements too… any hacking algorithm will try them all, including l33t speek and other common shorthand. All they do is make it hard for you to type and rememner.

password is the same as pa55w0rd or pa$$word or pa44w0rd, etc.

 

[BeanAnimal]

It depends on what the site that has the password is.
Does it have any valuable information stored? Credit card info, etc?
If it's just a forum... yes, it's excessive.

But.

Use a password manager (I use LastPass, and can recommend it), and use it for everything. It will make a password as complicated as the site needs, and all you need to do is remember the main password manager password. I use it for everything that needs a password, except super high-risk things like my bank login. For those, I have my own, strong, complex password.

--Gray

except LastPass was hacked several months ago where user data was stolen, both encrypted and unencrypted and user secrets may have been exposed.

 

[Walkerby]

Totally get where you're coming from on those crazy password requirements—they can be a pain. I used to just stick with something simple until I got burned by a data breach. After that, I knew I had to up my game.

 

[scooterh928]

Work makes us change every 90 and has to be minimum of 16 char so each change I just add an extra ! Until I get a hand full then change it up and start over

 

[Walkerby]

Totally get where you're coming from on those crazy password requirements—they can be a pain. I used to just stick with something simple until I got burned by a data breach. After that, I knew I had to up my game.

One day, I tried a random generator and ended up with something that looked like a cat walked across my keyboard. It was impossible to remember. Then I came across this strong password generator that spits out easy-to-remember combos with words, numbers, and symbols that actually make sense. It's been super helpful and no more headaches trying to reset every time!