RT @jeremybrooks: It constantly amazes me that web sites with the most critical data (banks, etc) have the worst password policies.