Weak passwords

I saw this ‘thread’ on Twitter:

https://twitter.com/harribellthomas/status/651794474394361856

and it reminded me of something similar I’d recently read in a vendor’s IPMI whitepaper:

“Special characters like #,$ are not allowed into password field, as these characters can enable shell injection from intruders. Use strong passwords that are at least 8 characters long and include a mix of numbers, capital, and lower case letters.”

Scary. Check your vendor’s password limitations, make sure they’re not limited.