Home

Spiceworks Community Digest: Password pet peeves

Shelby Green Shelby Green
October 8, 2025
Password management can't the annoying reality of the humans that come with it.
(Credits: Andrey_Popov/Shutterstock)

Happy Cybersecurity Awareness Month! It’s time to talk about the universally frustrating hero of digital safety: the password.

Based on how much technology has advanced, you would think passwords would be a thing of the past. Yet, the headaches from password policies only seem to be getting worse with time. We asked IT professionals to share their biggest password pet peeves, and the results confirmed that the core issues revolve around outdated policies and user behavior.

Complexity vs. Common Sense

The top password pet peeves show a direct conflict between security practices and human nature. Many community members noted that old, rigid policies often defeat the purpose of security, pushing users toward predictable, weak patterns.The two top complaints in the community poll, tied at 49%, were forced password changes every 90 days and users who write their passwords on sticky notes, which are likely linked.

  • Ken Lynch: “Complex requirements with short life times (90 days) are what make users repeat passwords or write them on post-it notes.”
  • shellstx: “The fact that things like Summer2025! meets password complexity rules in Windows AD and users just change the season and month. Yeah so secure.”

The MFA Headache

While MFA is the gold standard for security, the implementation can lead to significant friction, both for users and IT admins. The poll found MFA challenges like multi-factor authentication that needs every device I own (25%) and users who lose their phones and can’t do the MFA step (19%) are common.

  • The Daveman: “My biggest pet peeve has become the sheer number of push MFA apps that vendors require me to use… So far in the past year I’ve had to install Rublon, Duo and Salesforce… that doesn’t even include Microsoft, Google and Fortinet authenticators.”
  • DrDeany: “My biggest pet-peeve is the State of California where companies cannot ask employees to install an app on a personal phone… Do you know how hard it is to enforce MFA when the end-user won’t use their personal mobile devices and the employee won’t.

Do you agree with the community’s top pet peeves? Join the conversation and tell us what drives you (and your users) crazy about passwords.

 

Shelby Green
Shelby Green

Shelby Green is a seasoned content writer with 8 years of experience in the tech and IT industry. She's passionate about helping companies in the cybersecurity, SaaS, supply chain, and tech skill development spaces tell their stories.
Take me to Community
Do you still have questions? Head over to the Spiceworks Community to find answers.

Recommended Reads

AI cyberattacks: How hackers used AI to automate espionage
Security

AI cyberattacks: How hackers used AI to automate espionage

When disaster recovery plans fail in real disasters
Security

When disaster recovery plans fail in real disasters

How to balance privacy and security with the need for speed
Security

How to balance privacy and security with the need for speed

Quantum computers will crack your encryption. Now what?
Security

Quantum computers will crack your encryption. Now what?

How to tackle AI sprawl
Software

How to tackle AI sprawl

Ready, fire, aim: Corporate AI strategy ignores the risks
Security

Ready, fire, aim: Corporate AI strategy ignores the risks