One of our rules specifies 25+ char randomised passwords for admin accounts (in certain 'special' environments) and although we use password DBs copy and paste is also disabled in these environments as part of the standard lockdown - I can frequently be heard swearing trying to type in some of these passwords (especially on Monday mornings or Friday afternoons). I'm sure 2-factor authentication would have paid for itself many times over already in saving on wasted time...
↧