Originally Posted by
triploss
That's actually a monumentally stupid password policy, just take a read of the following if you don't believe me...
Completely correct.
The secret to a successful password is an
arcane string, not something one would have to write down.
A brute force attack will eventually reveal any password. Especially on badly configured systems which allow unlimited guesses.
The whole idea of a password is to achieve something only the user knows by heart.
A string of 32 characters, with punctuation and random caps doesn't fit.