How exactly?
I don't understand how the nature of the passwords 'suggest a management decision'. I can't believe that any policy would be written with that level of detail for starters, and why would managers sit around a table and suggest what passwords to use?
IT managers, sure I can beleive that. I had several experinces in large organisations where the IT staff actively promote such 'systems' to aid the thicko end user, and have been involved in relatively high level discussion where the Heads of IT has been berated for such propositions as utilising shared passwords. The sooner this us and them attitude is dropped bwteen IT and end user the better, I've said it many many times that there is often fault on both sides.
My guess is they were defaults setup with an express requirement to change them after install or something, and it hasn't been actioned.
Biting the hand that feeds IT
