Password Requirements

Discuss issues and requests related with the forum software
Maniac
Posts: 121
Joined: 24 Oct 2014, 07:15
Contact:

Password Requirements

09 Nov 2015, 08:36

I don't see the use of requiring numbers and symbols in a password on a site that doesn't even use https? Why should I be forced to remember a complicated password for a site where I can't even rely on it being safe when I'm in a public area?
User avatar
jNizM
Posts: 3183
Joined: 30 Sep 2013, 01:33
Contact:

Re: Password Requirements

09 Nov 2015, 09:01

Jup. Thought the same while I saw the pw change page.

+1 for HTTPS and add to HTTPS Everywhere by EFF (I don't surf the net without since ~2 years)
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
User avatar
joedf
Posts: 8940
Joined: 29 Sep 2013, 17:08
Location: Canada
Contact:

Re: Password Requirements

09 Nov 2015, 09:43

very cool :+1:
Image Image Image Image Image
Windows 10 x64 Professional, Intel i5-8500, NVIDIA GTX 1060 6GB, 2x16GB Kingston FURY Beast - DDR4 3200 MHz | [About Me] | [About the AHK Foundation] | [Courses on AutoHotkey]
[ASPDM - StdLib Distribution] | [Qonsole - Quake-like console emulator] | [LibCon - Autohotkey Console Library]
guest3456
Posts: 3454
Joined: 09 Oct 2013, 10:31

Re: Password Requirements

09 Nov 2015, 11:13

i too thought the pw requirements were a bit over the top

but does anyone really 'remember' passwords anymore? you should be using diff pws for each site, and storing them in a pw manager such as KeePass which is regularly backed up

User avatar
Exaskryz
Posts: 2882
Joined: 17 Oct 2015, 20:28

Re: Password Requirements

09 Nov 2015, 11:19

@guest3456 because password managers are clunky. Tried to use one on firefox (KeePass with KeeFox?), bugged out and would not at all accept my current password database, so, gve up on that. I just memorize all my different passwords. Makes it easier to login on different devices (such as using my university account to access the online library resources when I'm at the library, or just getting onto a computer).

But yes, https is a great suggestion before we start asking for complicated passwords anyway.
Maniac
Posts: 121
Joined: 24 Oct 2014, 07:15
Contact:

Re: Password Requirements

09 Nov 2015, 11:51

And yes, to echo, the password requirements are crazy for a site with no important information. They're more stringent than most other sites I've been on.
User avatar
MasterFocus
Posts: 146
Joined: 01 Oct 2013, 09:47
Location: Rio de Janeiro - RJ - Brasil
Contact:

Re: Password Requirements

09 Nov 2015, 23:27

@Exaskryz: I use KeePass and I have no problems whatsoever. I've never tried any addons. You could probably try setting an auto-type routine for each relevant entry.
Antonio França - git.io | github.com | ahk4.net | sites.google.com
Member of the AHK community since 08/Apr/2009. Moderator since mid-2012.
Need help? Please post on the forum before sending me a PM.
lexikos
Posts: 9553
Joined: 30 Sep 2013, 04:07
Contact:

Re: Password Requirements

10 Nov 2015, 04:11

Having a complex password is no less valuable on a site without HTTPS than one with HTTPS. Complexity requirements are also much, much easier to implement, and cost nothing.

They're also annoying. I've turned them off. I know that these requirements weren't in place a year ago.

I think it's common to require characters from a minimum number of categories (rather than all of specific categories), but phpBB only has the following settings:
  • No requirements (except length)
  • Must be mixed case
  • Must contain letters and numbers
  • Must contain symbols
These are mutually exclusive, but apparently "accumulative" - i.e. the setting it was on (the last one) requires mixed case letters, numbers and symbols.
Maniac
Posts: 121
Joined: 24 Oct 2014, 07:15
Contact:

Re: Password Requirements

10 Nov 2015, 09:07

Great, thanks Lexikos.

Return to “Forum Issues”

Who is online

Users browsing this forum: Ragnar and 36 guests