I've just about had it with web sites that increase their password complexity requirements and force you to change your current password if it does not comply. I don't need an explanation as to why they do it; suffice it to say that I do not agree.
Websites that I use with whom I do not have a contract (i.e. anything for free) can do this, and I either can discontinue my use of the service or take it and change my password.
However, with contract (basically, agreements to pay for a service for a certain number of months, e.g., cell phone providers) services, some companies still try to do this. In my thinking, this essentially breaks the contract by fundamentally altering my service by requiring me to do something to which I never agreed.
Again, if the company doesn't force you to change your password, but enforces complexity requirements if you ever change/reset your password (Google does this), I do have to take it. I wish they didn't, but I can't do too much about that. I only believe I have a leg on which to stand where the company forces me to change the password by preventing me from doing anything on the site before changing the password.
What are your thoughts? Or, how much leverage do I have? (I expect a lot of IANAL responses, but that's quite all right. Maybe we'll even have some IAAL responses!)
Websites that I use with whom I do not have a contract (i.e. anything for free) can do this, and I either can discontinue my use of the service or take it and change my password.
However, with contract (basically, agreements to pay for a service for a certain number of months, e.g., cell phone providers) services, some companies still try to do this. In my thinking, this essentially breaks the contract by fundamentally altering my service by requiring me to do something to which I never agreed.
Again, if the company doesn't force you to change your password, but enforces complexity requirements if you ever change/reset your password (Google does this), I do have to take it. I wish they didn't, but I can't do too much about that. I only believe I have a leg on which to stand where the company forces me to change the password by preventing me from doing anything on the site before changing the password.
What are your thoughts? Or, how much leverage do I have? (I expect a lot of IANAL responses, but that's quite all right. Maybe we'll even have some IAAL responses!)