Jump to content

Community

Alcatravision

IPB4 suggestion - Password Policy

Recommended Posts

Similar to what I suggested February of last year,

'?do=embed' frameborder='0' data-embedContent>>

Would certainly be nice to see improvements in this area. I still think the default 3 character requirement for passwords is pretty terrible. I understand some people may not appreciate having the industry standard 8 - 12 minimum character length forced on them, but I don't think there's any real excuse for using a password <6 characters in length, I still think that would be a good compromise for the default.

Then of course adding settings to allow the administrator to tune these requirements would certainly be a major improvement.

Share this post


Link to post
Share on other sites

Similar to what I suggested February of last year,
?do=embed' frameborder='0' data-embedContent>

Would certainly be nice to see improvements in this area. I still think the default 3 character requirement for passwords is pretty terrible. I understand some people may not appreciate having the industry standard 8 - 12 minimum character length forced on them, but I don't think there's any real excuse for using a password <6 characters in length, I still think that would be a good compromise for the default.

Then of course adding settings to allow the administrator to tune these requirements would certainly be a major improvement.

Sometimes I join sites just to ask a quick question or post something stupid. I always use the password "123456" cuz I just don't care about those sites. You're saying you want me to make it "12345678"? Or stick some letters in there? No. Unacceptable. Don't you dare.

Share this post


Link to post
Share on other sites

Sometimes I join sites just to ask a quick question or post something stupid. I always use the password "123456" cuz I just don't care about those sites. You're saying you want me to make it "12345678"? Or stick some letters in there? No. Unacceptable. Don't you dare.

If I had it my way, I'd probably pass all registrations through cracklib or something similar to deny from list of common ridiculously insecure passwords like that in addition to what's being suggested here.

For misc. sites I don't care about, I have one common/generic password I use. My other passwords are tiered depending on the sensitivity of the account. It makes my life easier and still keeps me reasonably secure online.

Share this post


Link to post
Share on other sites

If I had it my way, I'd probably pass all registrations through cracklib or something similar to deny from list of common ridiculously insecure passwords like that in addition to what's being suggested here.

For misc. sites I don't care about, I have one common/generic password I use. My other passwords are tiered depending on the sensitivity of the account. It makes my life easier and still keeps me reasonably secure online.

Am I the only one here who uses the same password for everything?

Share this post


Link to post
Share on other sites

No. I just hope you don't do any online banking.

Admittedly those passwords and my server crap are all special circumstances and deserve better passwords. But we're talking about forums here.

Share this post


Link to post
Share on other sites

Am I the only one here who uses the same password for everything?

Wow, I hope so.

Until recently I had a clever system, in which I derived a unique password from the URL of the site. The resulting password was gibberish to anybody else but me and unique on every site. So there was nothing I had to remember.

Now I just use 1Password and my passwords are so strong, even I don't know them anymore. :-)

Share this post


Link to post
Share on other sites

I lay claim to the first request for this in 2007! Anybody care to try and beat that? ;)

'?do=embed' frameborder='0' data-embedContent>>

So Lindy, 6 and a half years notice not long enough for you? (w00t)

They might be 'only forums' Rimi, but they include my email address, date of birth, Paypal details (in Marketplace), private conversations, ... Password cracking also allows people to impersonate me, share things on Facebook, ... I treat my passwords on forums as seriously as any others.

(I use Password Safe to randomise and track my passwords)

Share this post


Link to post
Share on other sites

Gosh, if we are allowed to dream of something for password protection, how about some biometrics to really give IPS the "WOW" factor ! For boards that have subscriptions this would eliminate the sharing of passwords to bypass paying for access.

post-130776-0-69982700-1398023727_thumb.post-130776-0-29862300-1398023915_thumb.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...