I just logged in to MyCitrix for the first time in a few months. They informed my that I had to change my password. I tried a few of my standard ones, but they were all rejected for being to simple. Then I tried my "real" password--the one I use for domains and stuff--and it was also rejected for being too simple. Then I took a minute to actually read the requirements and I was shocked! I think MyCitrix has the most complex requirements ever, including:
- password must be eight (8) or more characters in length
- contain at least one (1) digit
- contain at least one (1) uppercase letter
- include at least one (1) of these symbols: ! @ # $ % ^ * ? + = -
The strange thing about this is that ALL FOUR of those requirements must be met! (Even the AD security policy for "complex passwords" only makes you conform to three of those four rules.)
And of course none of my standard passwords met this, so now there's a file in my documents folder called "mycitrix password.txt." Yeah for security!
(On a side note, someone once suggested to me to simply add "@password.com" to the end of my standard passwords for an automatic upgrade to the land of complex password security. Nice tip!)