this post was submitted on 03 Apr 2026
704 points (98.6% liked)
Comic Strips
23114 readers
2097 users here now
Comic Strips is a community for those who love comic stories.
The rules are simple:
- The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author's website, for instance).
- The comic must be a complete story.
- If it is an external link, it must be to a specific story, not to the root of the site.
- You may post comics from others or your own.
- If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
- The comic can be in any language, but if it's not in English, OP must include an English translation in the post's 'body' field (note: you don't need to select a specific language when posting a comic).
- Politeness.
- AI-generated comics aren't allowed.
- Limit of two posts per person per day.
- Bots aren't allowed.
- Banned users will have their posts removed.
- Adult content is not allowed. This community aims to be fun for people of all ages.
Web of links
- !linuxmemes@lemmy.world: "I use Arch btw"
- !memes@lemmy.world: memes (you don't say!)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yes, because among other things this annoys users into just writing down their password on a Post-It and sticking it to the bottom of their keyboard or monitor ripe for any passerby to take.
I have explained this to various management types repeatedly over the decades and nobody seems to get it.
I've had success directing people to the NIST password policy guidance.
Wow it's almost as though somebody in there reads xkcd and knows about correct horse battery staple!
The folks at NIST know what they're talking about. The US government directed them to develop security policy for government information systems in 2002 (FISMA) - they've been thinking about how to do this properly for 24 years.
If you happen to work for a US government agency of any kind, you can basically tell your boss "NIST guidance says we should do X" and compliance is technically required by law (within the context of security policies that apply to your agency's work area). If you work for a company that does business with the US government, there are similar compliance policies also published by NIST that you should be following (and your company could lose its contracts if it is not compliant).