New forum passwords
Forum rules
The Off-Topic area is a general community discussion and chat area with special rules of engagement.
Enter, read and post at your own risk. You have been warned!
While our staff will try to guide the herd into sensible directions, this board is a mostly unrestricted zone where almost anything can be discussed, including matters not directly related to the project, technology or similar adjacent topics.
We do, however, require that you:
Please do exercise some common sense. How you act here will inevitably influence how you are treated elsewhere.
The Off-Topic area is a general community discussion and chat area with special rules of engagement.
Enter, read and post at your own risk. You have been warned!
While our staff will try to guide the herd into sensible directions, this board is a mostly unrestricted zone where almost anything can be discussed, including matters not directly related to the project, technology or similar adjacent topics.
We do, however, require that you:
- Do not post anything pornographic.
- Do not post hate speech in the traditional sense of the term.
- Do not post content that is illegal (including links to protected software, cracks, etc.)
- Do not post commercial advertisements, SEO links or SPAM posts.
Please do exercise some common sense. How you act here will inevitably influence how you are treated elsewhere.
-
RealityRipple
- Keeps coming back
- Posts: 861
- Joined: 2018-05-17, 02:34
- Location: Los Berros Canyon, California
-
00Septimus
- Apollo supporter
- Posts: 40
- Joined: 2022-03-22, 14:22
- Location: DE
Re: New forum passwords
andyprough wrote: ↑2023-01-17, 18:36Nope, everyone else is just going to have to fight over Pa$$word1, pAssw0rd1, and passWord1*. I was absent the day we were supposed to learn sharing in pre-school, so I'm not wired like that.
Ok ok it's already good - I accept your claim and will use P@ssword01
I get my contributions translated online into English
If the impression arises that I babble drunk nonsense - that was not me.
Please beat up the translator
If the impression arises that I babble drunk nonsense - that was not me.
Please beat up the translator
-
andyprough
- Board Warrior
- Posts: 1115
- Joined: 2020-05-31, 04:33
Re: New forum passwords
You didn't put the best part of that comic - Randal's own password:
So, merely a 149,186 character password.My password is just every Unicode codepoint concatenated into a single UTF-8 string.
-
Moonchild
- Pale Moon guru
- Posts: 37676
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: New forum passwords
and totally guessable once you know that bit of info!
Security is hard.
"A dead end street is a place to turn around and go into a new direction" - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
jb_wisemo
- Moonbather
- Posts: 67
- Joined: 2016-01-27, 02:09
Re: New forum passwords
It would be really nice if the rules were displayed clearly and concisely where the user chooses their new password. Both the length and char rules and the rule that the password must now be changed every XYZ days (forum posts so far have been unclear if it is 365 or 540 days) Don't allow the cleartext password to be processed by any SQL code, there are too many cleartext debug logs involved. Putting appropriate server side code in PHP is usually good enough.
For compatibility with common workflows involving password managers that forget the old password when generating a new one, always show the "old password" field before the "new password" fields, not after. I had to dig through a history log to recover my old password after generating a new one (as usual random with about 160 bit entropy).