Other Web sites have implemented easy fixes to make the process user friendly without compromising security.

I don't know of any that freeze out your account when you have problems.

 

When I have trouble and they send me a new temp password, it often does not recognize it.

 

and if I do manage to get a password that works, if does not stay that way for very long.

 

I thought they were supposed to last a year. So a system that remembers your password would not

reliably work in your case.

Other Web sites have implemented easy fixes to make the process user friendly without compromising security.

I don't know of any that freeze out your account when you have problems.

 

When I have trouble and they send me a new temp password, it often does not recognize it.

 

and if I do manage to get a password that works, if does not stay that way for very long.

 

I thought they were supposed to last a year. So a system that remembers your password would not

reliably work in your case.

Other Web sites have implemented easy fixes to make the process user friendly without compromising security.

I don't know of any that freeze out your account when you have problems.

 

When I have trouble and they send me a new temp password, it often does not recognize it.

 

and if I do manage to get a password that works, if does not stay that way for very long.

 

I thought they were supposed to last a year. So a system that remembers your password would not

reliably work in your case.

Other web sites have implemented easy fixes to make the process user friendly without compromising security.

I don't know of any that freeze out your account when you have problems.

 

When I have trouble and they send me a new temp password, it often does not recognize it.

 

and if I do manage to get a password that works, if does not stay that way for very long.

 

I thought they were supposed to last a year. So a system that remembers your password would not

reliably work in your case.

I had problems using LastPass for generating secure passwords in the past. The generated passwords were in conflict with Intel's secure password policy, and were only accepted by chance. I gave up and resumed inventing the passwords on my own according to the prescription for secure passwords. Maybe that behavior has changed in the meantime.

Hmmm not had any password issues at Intel at all, ever! I normally find using the correct password works the best. If you are not so worried about security writing it down is also quite an effective technique.

A couple of things that could be done to mitigate the problem without sacrificing security:

(i) Users can enter the password in a text editor (such as Notepad), check for correctness in all aspects, then copy and paste into the IDF login box. This would take care of "...We can't see if we have typed in the password correctly -why can't what we type be made visible?" I have found this simple tactic to help especially w.r.t. characters that need the Shift key to be pressed on a keyboard with less than perfect tactile feedback.

(ii) The IDF software could allow a grace period for the necessary password changes. In other words, start showing a notice that the password change will be necessary within xxx days, giving the user time to think up a new password instead of forcing her/him to change the password on the spot after the expiration date has been crossed. My E-mail server does this, and I am grateful for that. Doing something along these lines will enable a user to avoid the unpleasant situation where, say, one logs on to IDF at an airport, is forced to change the password then and there, and forgets the new password soon after.