Password policy conflicts with rights of disabled people

I have brain damage and cannot use a site that forces me to update my password every year. I simply do not have the memory capacity for that sort of thing. 

While I'm not clear about what the federal laws of the USA require, I'm quite sure that "reasonable accommodations" for disabled people are part of the law for institutions both public and private.

As an information technology consultant, I can tell you that your password policy is not only offensive, but completely ineffective as there's no significant risk mitigation offered by that policy. A hacker can get a new password just as easily as they got the old one.

Please update your policy to reflect the rights of disabled Americans, many of whom are angry war veterans, like myself. As an industry expert, I can make things much more difficult for you if this request is ignored.


Please sign in to leave a comment.