MyCitrix password complexity requirements

I just logged in to MyCitrix for the first time in a few months. They informed my that I had to change my password.

I just logged in to MyCitrix for the first time in a few months. They informed my that I had to change my password. I tried a few of my standard ones, but they were all rejected for being to simple. Then I tried my "real" password--the one I use for domains and stuff--and it was also rejected for being too simple. Then I took a minute to actually read the requirements and I was shocked! I think MyCitrix has the most complex requirements ever, including:

  • password must be eight (8) or more characters in length
  • contain at least one (1) digit
  • contain at least one (1) uppercase letter
  • include at least one (1) of these symbols: ! @ # $ % ^ * ? + = -

The strange thing about this is that ALL FOUR of those requirements must be met! (Even the AD security policy for "complex passwords" only makes you conform to three of those four rules.)

And of course none of my standard passwords met this, so now there's a file in my documents folder called "mycitrix password.txt." Yeah for security!

(On a side note, someone once suggested to me to simply add "@password.com" to the end of my standard passwords for an automatic upgrade to the land of complex password security. Nice tip!)

 

Join the conversation

12 comments

Send me notifications when other members comment.

Please create a username to comment.

Maybe you should log into your account more often. That change was made some time ago... 


While working as a LAN Admin at a prior employer, the other LAN admin and I used a 24-character randomly generated password string (including upper and lower alpha, digits and symbols) that was replaced every 90 days, or any time one of the other network folks left the company. We kept small slips of paper in our wallets until we had memorized the password (and, yes, we memorized them.) The MyCitrix requirements are nothing compared to that experience...


And, to our knowledge, no one ever gained unauthorized administrative access while that policy was in place...

Cancel

try http://passwordsafe.sourceforge.net/


no wonder M$ started to support smartcards by default.. too bad a standard desktop doesnt have a smartcard reader..

Cancel

Maryspent$13onherlamb

or

$600aCCUforthis?

Cancel

Citrix is very, very protective of their licenses and since most MyCitrix users have their licenses stored there...


itsalwaysaboutlicensing@password.com

Cancel

Try Keepass the free and open-source password manager.

 

 

Cancel

I ran into this as well a few months ago and it ruffled my feathers.  Typical Citrix championing the wrong priorities.  I'd wager their licenses are no more sought after than any other product license on an internet clearing house.


Let us also not forget what Citrix licensing USED to be like.  Anyone remember sitting on the phone back in the Winframe 1.7 days reading many complex product license keys to Citrix, and obtaining the complex activation key in return?  In addition, if one had to rebuild a Citrix server for any reason, proof had to be given to citrix via a faxed form on why a license key was being reused again to request another activation key.

Cancel

Citrix is very gentle to learn us how to get a complex password... Brian, only 3 complexity requirement in your standard passwords ??? I am trully dissapointed.


.


.


.


Joke !

Cancel
Ha!  See, that one would fail.  No caps or numbers!
Cancel
I bet Photoshop gets pirated 100 times more often than any Citrix product.
Cancel
Because then everyone would accuse Brian of being in bed with Citrix.
Cancel

Password Manager is a joke. All you need is to find out the initial Password of anyone and you have access to all of their sites, applications, and anything the user uses. How safe and secure is this?


Password Manager is another bundled product that perhaps 2% of Citrix users use in production but pay for it in Enterprise and Platenum editions. Many have looked at it but have abandoned any hope of implementing it. I would be willing to bet that Citrix has not rolled out Password Manager corporate wide at Citrix.


Citrix license codes:.....it is easy to rehost a license code and get as many licenses as you want.....I am sure pirates/hackers/crack heads and other less honorable people love this. 


Why can't Citrix give us one new license key once and for all? Why do I need to carry all my licenses that I bought at different times? Why can't my licenses be coordinated to all have the same annual expiration date? This would be customer centric.....

Cancel

All you need is to find out the initial Password of anyone and you have access to all of their sites, applications, and anything the user uses. How safe and secure is this?


This is the smae for most SSO solutions. But for CPM it is true if you want  to implement it that way. There are other ways to implement it. We have it implemented for c. 4000 users. They now 'can't live without it. The only pain in the ass thing about it is hwen the user data corrupts you have to recreate all the logon details. I would give it a thumbs up

Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchEnterpriseDesktop

SearchServerVirtualization

SearchVMware

Close