A little while ago, we updated our password policy and we want to take the time to explain the changes, as well as our motivation.
Passwords are a necessary evil. They are a shared secret that allows you to access private information. From your bank records to your winemaking data, it's pretty safe to say that if you have private information that can be accessed on the internet, it is protected with a password.
InnoVint cares about your data. We will continue to follow industry recommended security standards and practices as we look to keep your data safe and provide our industry leading winemaking experience.
Our recent changes are in line with modern password standards, and are as follows:
- We do not allow password that match a list of commonly used passwords. There is a list of 20,000+ commonly used passwords. The list was made by comparing passwords from breaches that have happened all over the web. You can find an example of this list here.
- We no longer require you to have uppercase, lowercase, numbers and special characters in your password. No sequential (1234), repeating (aaaa) characters, or spaces may be used.
- We do not force you to change your password after a period of time.
- We enforce a password length of at least 8 characters.
- Password cannot be your first name, last name, or email address.
- We lock you account after 3 consecutive failed login attempts. You can easily reset your password by clicking on the link. We will send you an email and in under a minute you can have a new password and log in to InnoVint.
These changes are in line with modern password standards. They make it harder for computers to figure out your password, and actually make it easier for humans to remember their password.