admin (no pm's please)
Site Admin
Virtual Cash: 22860
Joined: 22 May 2005
Posts: 25384
Add Karma
rated by 213 members
Add Comment
Show Comments
 |
 Posted: Thu Jun 11, 2009 10:45 am Post subject: Will you be getting a warning email? |
 
|
|
New code is now installed to monitor your control panels password strength.
From some point in the next week forums with weak passwords will start getting monthly warnings to change a weak password.
_________________
Family Friendly Shareware | | Web Design/Services | Free Forums
|
|
| Back to top |
|
 |
Bravo
Moderator
Virtual Cash: 14050
Joined: 12 Mar 2006
Posts: 2485
Add Karma
rated by 28 members
Add Comment
Show Comments
|
| Posted: Thu Jun 11, 2009 4:56 pm Post subject: |
|
|
Is this really necessary?
I can only imagine this being somewhat irritating to people.
_________________
CG Arts for free Banners, headers, logo's, signatures and avatars.
|
|
| Back to top |
|
|
admin (no pm's please)
Site Admin
Virtual Cash: 22860
Joined: 22 May 2005
Posts: 25384
Add Karma
rated by 213 members
Add Comment
Show Comments
|
| Posted: Thu Jun 11, 2009 5:05 pm Post subject: |
|
|
More irritating than a fried forum?
At current settings 10% of recent sign ups will be qualifying for the email on password alone. but the email will only go out when a forum has reached a level where it has a significant number of posts.
_________________
Family Friendly Shareware | | Web Design/Services | Free Forums
|
|
| Back to top |
|
|
Bravo
Moderator
Virtual Cash: 14050
Joined: 12 Mar 2006
Posts: 2485
Add Karma
rated by 28 members
Add Comment
Show Comments
|
| Posted: Thu Jun 11, 2009 5:43 pm Post subject: |
|
|
Most passwords are secure unless given out freely, the exception being the oft used password of 'password'.
It's only weak if somebody guesses/knows it, and even something silly like 'banana' would take a bloomin long time to guess.
I can't recall a single fried forum that has occurred from a guessed password. All the ones in my memory are from people giving out their password, or giving admin access to strangers. Bit too much nannying for my taste.
_________________
CG Arts for free Banners, headers, logo's, signatures and avatars.
|
|
| Back to top |
|
|
admin (no pm's please)
Site Admin
Virtual Cash: 22860
Joined: 22 May 2005
Posts: 25384
Add Karma
rated by 213 members
Add Comment
Show Comments
|
|
| Back to top |
|
|
Zudane
Moderator
Virtual Cash: 14250
Joined: 10 May 2008
Posts: 1366
Add Karma
rated by 18 members
Add Comment
Show Comments
 |
| Posted: Thu Jun 11, 2009 9:03 pm Post subject: |
|
|
Actually, with the constant pushing for people to use more complex passwords, I would guess that a lot of people won't even try the old classics like "password" "sex" "god" (assuming you could use a 3 letter password), simply because it won't be common anymore.
I can't argue much, but what would be considered a weak password?
_________________
Harsh Reality - Unleash your creativity!
Harsh Reality |
|
| Back to top |
|
|
admin (no pm's please)
Site Admin
Virtual Cash: 22860
Joined: 22 May 2005
Posts: 25384
Add Karma
rated by 213 members
Add Comment
Show Comments
|
| Posted: Thu Jun 11, 2009 9:13 pm Post subject: |
|
|
| Zudane wrote: |
I can't argue much, but what would be considered a weak password? |
Good question, I was expecting to be able to grab some code to cleverly determine that, code I found was way too dumb in my view.
What I have done is based on password length, use of known stupid passwords like "password" ( I won't state the others), then bonuses for the more you are using a mix of character type, e.g. lowercase, uppercase, symbols, numbers.
As Bravo says though even if you are using "banana" then only a real dictionary attack would break in, and the firewall would block the attempt anyway, so maybe this is a nag too far?
_________________
Family Friendly Shareware | | Web Design/Services | Free Forums
|
|
| Back to top |
|
|
FAQ 
Search 
Memberlist 
Usergroups 
Join! (free)
Profile 
Log in to check your private messages 
Log in
