Silent Pool | 03 Jan 2020 6:14 a.m. PST |
Do you still use the TMP password issued to you by Bill …and just for my records, what is it? |
79thPA | 03 Jan 2020 6:20 a.m. PST |
I thought I created my own when I joined. |
Editor in Chief Bill | 03 Jan 2020 6:25 a.m. PST |
In the old days, you set your original password. This caused problems when people managed not to set a password on their account… In more recent years, the system assigns you a password, which you can always change. |
Stryderg | 03 Jan 2020 6:45 a.m. PST |
I'm still using my original password. It's "n0tYour1nf0", without the quotes. Please update your records. I change passwords on sites where the potential damage can be high. If someone gets my password here, they can change my preferences and that's about it. Oh, wait, they could put me on the Napoleonic boards! <shudder> |
Ed Mohrmann | 03 Jan 2020 8:15 a.m. PST |
I've never changed mine since the initial sign-up. |
Garryowen | 03 Jan 2020 10:15 a.m. PST |
I haven't changed mine either. I can't see the potential damages as being at all significant if someone had it. Tom |
Frederick | 03 Jan 2020 11:26 a.m. PST |
Have not changed it – No. 3 son, who is a tech wizard, tells me that frequent password changes, especially if mandated, actually degrades and not enhances security |
14Bore | 03 Jan 2020 1:17 p.m. PST |
Yes still the original, if its that hard to remember it for me who else is going to get it? |
Stryderg | 03 Jan 2020 1:44 p.m. PST |
Your No. 3 son is correct. Frequent changes means people will start writing them down, or use passwords that are easy to remember, like "password". Oh I have to change it, great, "password1" it is. |
JimSelzer | 03 Jan 2020 3:31 p.m. PST |
|
Syrinx0 | 03 Jan 2020 7:39 p.m. PST |
Never changed my original. Even Microsoft has finally admitted changing passwords frequently is meaningless. Using strong hard to guess passwords is better. That said, I don't use the same password for my gaming boards as my finances. |
von Schwartz | 03 Jan 2020 8:54 p.m. PST |
I haven't changed ANY passwords for at least 10 years unless I'm forced to, my previous employer required monthly changes with no repeats!!! My original password was assigned by Hotmail and it was so random that I felt it was as secure as it's likely to get. |
Dn Jackson | 03 Jan 2020 11:19 p.m. PST |
|
ZULUPAUL | 04 Jan 2020 2:57 a.m. PST |
Still use my original password, no plans to change it. |
Mr Elmo | 04 Jan 2020 7:06 a.m. PST |
I think a 12 character minimum that allows unicode is a good start. A dictionary of common passwords (top 1000) is also good to implement. Rotation isn't really necessary. Also, store the passwords hashed (PBKDF2) with good salt and pepper. And allow password managers, I cannot remember }ȹƧ♡⚕😽♺😀♈ı☺ìŅƩ«ǭ😕Ę+*¸Ə☒Ťš> or whatever. That said, does it matter? TMP uses SHA1 and an invalid certificate. |
Legion 4 | 04 Jan 2020 8:16 a.m. PST |
|
Andrew Walters | 04 Jan 2020 10:12 a.m. PST |
Telling people how often your change your password is a bad idea. Anything people know about your password can help crack it, and cracking one can lead to cracking others. So it's probably not smart to even *ask* how often people change their passwords. TMP is awesome, I'm here every day, but as an affectionate critique I have to say it is *extremely* insecure. It appears to me, an amateur, that when you log in your password is sent in clear text. As a result, it is essential that you change your password daily, or ideally every time you log in. If anyone asks that's what I do. |
Dn Jackson | 05 Jan 2020 12:36 p.m. PST |
"TMP is awesome, I'm here every day, but as an affectionate critique I have to say it is *extremely* insecure." That's true. It keeps sending me emails asking if I really like it. :-) |
DJCoaltrain | 25 Jan 2020 9:29 p.m. PST |
My PW hasn't changed since I created it. |