Changing Our Password Policy

[Sciwoman]

Did something similar, but somehow switched a couple of words when writing it down. Sometimes I swear that I'm a touch dyslexic.

[Cyberman]

Wow. With the level of temper tantrums thrown here, you'd think Tiberius asked for a DNA sample.

... You mean he didn't?

Um, Tibe? You might get a package marked 'fragile' and 'keep refrigerated' in a day or two. Sorry about that.

[Paul the Human]

For the record, I actually agree that more complicated passwords are a good idea. I have no problem with them being strongly suggested and recommended. I have a problem with them being forced upon us 'for our own good'. That kind of thing seriously pisses me off.

If I have a weak password, it would present no danger to the forums. Saying it does is a flat out lie. What could anyone accomplish by logging into my account? Nothing, but post something stupid... and I do enough of that on my own. I can see forcing it upon the staff, as logging into a staff member's account gives one a level of power and access that could be a security problem... but regular members should not be forced to use passwords that Adrian personally approves of 'for our own good'.

Yes... such a policy pisses me off enough to leave the forums. You may think that I am overreacting, but since when do I give a shit what anyone else thinks. It pisses me off and I'm gone. Have fun people. Next thing you know, Adrian will be forcing minimum and maximum word counts for your posts... you know... for your own good (to stop spammers).

[ElDinero]

I bet everyone accusing ME of overreacting feels silly now... Leave the forums over it? Ok then, that'll show them.

I just like arguing about stuff.

[5thHorseman]

I changed my password, and then after visiting a few more times, I had to do it again. I changed it to exactly the same one. Is this a potential problem(the doing it again or the same one)?

[Rev. Rye]

I hope so. Because I've changed my password no less than five times in the past 24 hours and if I have to do it one more time, I'm going to have to defect to some other forum.

Only two of those were down to forum policy. Please don't make out that we've made you change your password more than we have.

Okay, three of those times were false starts because it turned out that my passwords were not complicated enough. But still, making us change our passwords twice in one day! Maybe it would be a good idea to make up your minds as to what the passwords should be before starting on this project.

[Tiberius]

For the record, I actually agree that more complicated passwords are a good idea. I have no problem with them being strongly suggested and recommended. I have a problem with them being forced upon us 'for our own good'. That kind of thing seriously pisses me off.

Lots of sites are doing this. Almost every site I sign up to requires me to enter a complex password. I doubt you mind those sites doing it; no, it's just that we changed our policy here and made everyone comply with it.

If I have a weak password, it would present no danger to the forums. Saying it does is a flat out lie. What could anyone accomplish by logging into my account?

Other than the fact they would have access to any personal details you've stored here? How about not thinking about yourself, but other people? If the database is stolen, an attacker can crack at least 36% of the passwords. Since people often use the same password, that leaves them open to getting hacked on other sites (including email). We would be to blame, since if we had a complex password policy, less passwords would be crackable.

Next thing you know, Tiberius will be forcing minimum and maximum word counts for your posts... you know... for your own good (to stop spammers).

This is a lie and you know it. You don't need to make stuff up to present your point; it makes you look desperate.

---

I changed my password, and then after visiting a few more times, I had to do it again. I changed it to exactly the same one. Is this a potential problem(the doing it again or the same one)?

Neither are a problem. We had to make everyone do it again, my bad. Changing your password to the same thing just means you didn't need to think up a new one.

---

Okay, three of those times were false starts because it turned out that my passwords were not complicated enough. But still, making us change our passwords twice in one day! Maybe it would be a good idea to make up your minds as to what the passwords should be before starting on this project.

Apologies, we had decided to make the change, but I reversed it when a few people complained. I then went back in my decision when I realised these people were in the clear minority, and most people appreciate staff who value high forum security.

[Autumnlicious]

Next thing you know, Tiberius will be forcing minimum and maximum word counts for your posts... you know... for your own good (to stop spammers).

I'm sorry to have you leave over a rather mundane thing.

However, I'd like to take the moment as a software developer to specify there are minimum and maximum word counts built into MyBB, so the assertion made is unfair and overwrought.

[liam]

Just wondered if we could have the name 'password' changed to something more appropriate, because unless you're incredibly verbose you'll struggle to find a twelve letter word? Passphrase or pass-sentence are equally acceptable replacements

[Ace Otana]

Just wondered if we could have the name 'password' changed to something more appropriate, because unless you're incredibly verbose you'll struggle to find a twelve letter word? Passphrase or pass-sentence are equally acceptable replacements

Struggle? Hardly good sir.

I know a word that's 27 characters long. - Honorificabilitudinitatibus.
The longest word in English is 189,819 characters long.
Good luck guessing it for a password.