@voltronic ooh, harsh.
I couldn't believe it when the org that acquired us actually had less-onerous password requirements. Seems like every other infosec policy was way *more* onerous.
What chaps me on this one is that they changed the minimum-length req on our passwords, and required me to change mine, even though my old pwd meets those new requirements.