XF Forum banner

1 - 14 of 14 Posts

·
Administrator
Joined
·
432 Posts
Discussion Starter #1
Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Registered
Joined
·
238 Posts
Insisting on a strong/complex password fine, but you are aware that insisting passwords are regularly changed (even annually) is likely to reduce security not improve it?
 

·
Registered
Joined
·
26 Posts
Insisting on a strong/complex password fine, but you are aware that insisting passwords are regularly changed (even annually) is likely to reduce security not improve it?
Hi. I hate forced password changes, especially those with history (ingram, arggh), but what's the theory behind it reducing security? I'd love to have a good reason to do things my way. It's a pain for everyone, and even Outlook on Office 365 barely handles it.
 

·
Registered
Joined
·
970 Posts
2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.
Is there any reason my password expired two months after a reset? This seems a bit excessive and I will soon run out of suitable swear words to use!
 

·
Administrator
Joined
·
22,471 Posts
Is there any reason my password expired two months after a reset? This seems a bit excessive and I will soon run out of suitable swear words to use!
All will be well for a while now. We are happy to accept German expletives :)
 

·
Registered
Joined
·
9,965 Posts
The theory of password protection is flawed. Passwords are most frequently compromised by the owner thereof. The more apparently complex the password system the more vulnerable it is to this weak point.

Password systems are designed by IT people. They should be designed by psychologists.
 

·
Registered
Joined
·
9,965 Posts
All will be well for a while now. We are happy to accept German expletives :)
Is phuqueu ok?

Sorry, edit: pHuqueu*!?

It fits the rules and is at once both easy to remember and inoffensive.

Totally secure since it is merely a random collection of letters and symbols. No computerized password cracking software would ever guess this one.
 

·
Administrator
Joined
·
22,471 Posts
Is phuqueu ok?

Sorry, edit: pHuqueu*!?

It fits the rules and is at once both easy to remember and inoffensive.

Totally secure since it is merely a random collection of letters and symbols. No computerized password cracking software would ever guess this one.
Perfect for you :)
 

·
Registered
Joined
·
9,965 Posts
Perfect for you :)
I like that.

But, too easy to guess....

Just btw, not my invention. We can have personalized vanity registration plates here, real ones.

Maximum 7 characters (6 characters and a space at position 4 allows for 7 characters for vanity plates, now 8 are allowed, hmmmmm, but no obscene or other "unacceptable" words are approved). This one was approved.

I've not seen it. But I have seen some clever ones. Ixlr8 is one, if a little redundant unless on a Toyota Aygo..... My current favourite seen so far is "beater" on a Mercedes 500 coupe...presumably her other car was even better.
 

·
Administrator
Joined
·
432 Posts
Discussion Starter #12
Did you receive a notification in your email inbox? What did it say?

Lee
 

·
Administrator
Joined
·
432 Posts
Discussion Starter #14
Lee, no, no e-mail, just a pop-up box telling me my password had expired.
Hey there

It looks like one of the admins on the site turned on a setting to reset the password on your account. We're going through the logs to figure it out. Sorry for the inconvenience! It has been disabled now.

Dayle
 
1 - 14 of 14 Posts
Top