Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted September 9, 200816 yr I submitted this as a bug report but it's not a bug :P Users should not be able to use their username as their password at all. Even a better idea... is to add a 'password too weak' notification area :)
September 9, 200816 yr Posted this along with another suggestion yesterday actually. ^^;;;http://forums.invisionpower.com/index.php?showtopic=276811
September 9, 200816 yr I've seen (in cpanel at least, probably elsewhere but I cannot remember) , it warns you via a bar if the password is too weak. But +1 for not allowing a member to choose a password that matches either their display name or login name (if using name logins) :)
September 10, 200816 yr I hate with a passion when a website decides for you what is strong/weak. I don't often have a problem with it what I use though. Not allowing your name, username, and some other basic info items is one thing, but also consider the fact that that user is making that decision to be insecure. Inform them that "hey, this isn't a good choice" and let them chose to continue.
September 10, 200816 yr Well... some people think their password is completely secure just because it's "lol5". A password meter shouldn't stop you from chosing this password, it should just warn you. Btw, Elad Nava made such a mod not so long ago.
September 11, 200816 yr This sounds good maybe, but I can't say I want my forum playing mommy with new members. Some users might not want a fancy password either. It may lead to forums getting less members.
September 11, 200816 yr As I suggested, the admin should set whether a strong pass is required, and if so, how strong. Some forums have more of a need for strong passwords, others don't. And that way, you can blame the admin of a forum rather than IPS if they require a strong password. :lol:
Archived
This topic is now archived and is closed to further replies.