In last few weeks, I have suffered from stupid 
password policies. One of them was a bank.
They have strange password policies, they require numbers, capital letter and a small letter in the password, and they limit their password to be 6 chars long.
The other one is for ETS GRE. Recently, they opened up a new web site through which you can learn your GRE scores and order test score submission. Once again, I forgot my password. This time, I tried the “Forgotten password” option and appearently, they failed providing a reliable system here. I entered everything right, and came to password change screen. When I submitted, I got “technical error occured”. After 3rd or 4th time, it now says “account locked”. Now I have to make international phone calls to order my GRE scores.
I just don’t remember this kind of passwords that have silly requirements. I had a password in mind that I use for my mail which is around 30 chars long, and it is strong enough for me. If I need to ensure security, i specialize them in a way that i remember. I don’t need your stupid policies to ensure my security. If you want your inexperienced users to have secure password, that is fine, but please don’t restrict me or have a reliable forgotten password system..