| Last Hussar | 16 Jan 2016 3:29 p.m. PST |
When I forget a password I tell them my email linked with the account and then they send me an email… … to reset my password. As I obviously have access to the email, why not just send me the  ing password? How is this more secure? |
| Waco Joe | 16 Jan 2016 3:45 p.m. PST |
Depending on the system they are using they may not have your password in any type of non-encrypted manner. It is an additional security measure in case they are hacked. |
| Ditto Tango 2 3 | 16 Jan 2016 6:44 p.m. PST |
What WacoJoe said. Hashing functions, which I used in Oracle for example, are difficult to translate back to a language. Also, the rule of thumb is that sending an email should be considered the same as sending a postcard in the mail. In the latter case, anyone can read it.
--
Tim |
| Last Hussar | 16 Jan 2016 8:01 p.m. PST |
So they send me a link to the password reset site… |
| napthyme | 16 Jan 2016 10:57 p.m. PST |
Yeah they always say use a password you can remember. Ok lets try bubbabutt can't repeat any character next to each other bubabut needs a capitol letter Bubabut needs a number Bubabut1 needs punctuation Bubabut#1 requires at least 9 characters Bubabut#123 two hours later, sorry the password you entered is not correct please call customer service to unlock your account….. GRRRRR *^&%^*^*^* passwords. |
| tkdguy | 17 Jan 2016 12:52 a.m. PST |
I've had to reset my password on a few websites because the website didn't recognize it. After resetting, the website didn't recognize my new password either. |
| Mr Elmo | 18 Jan 2016 5:13 a.m. PST |
not just send me the Bleeped texting password If it's a well secured password, the plaintext password is run through a one way hash algorithm (a few thousand times). The obly way the site can verify your password is to compare the two hashes. |
| Terrement | 18 Jan 2016 10:23 a.m. PST |
Not passwords, but I always thought it was stupid for the phone company to say"you must first dial one to make this call." OK. You're smart enough to inform me, why can't you just dial the dad gummed number? |
 etotheipi  | 19 Jan 2016 7:14 a.m. PST |
Not passwords, but I always thought it was stupid for the phone company to say"you must first dial one to make this call." OK. You're smart enough to inform me, why can't you just dial the dad gummed number?
At the time when that started, the telecom network didn't have the ability to "remember" a number or "back up" where it is in the system and "redo it" for you. Currently, all telecom networks still don't and it's not worth the pain of managing compatibility.
|
| Andrew Walters | 19 Jan 2016 9:24 a.m. PST |
#1 Email is far less secure than a postcard. Anything in email is in full view of the entire globe, for a long period of time. And both the black hats and white hats have computers searching all the email. It literally couldn't be less secure and have any meaning. #2 They make password management software. I don't use it, but lots of people do and the arguments in favor of it are strong. #3 Gamers (along with sports fans) are in the best position to memorize passwords. We've got all kinds of number and letter combinations in our minds for our favorite units. DBA fan? Blade+5+3 will work, and you're not going to forget that. Historical dates and events can also give you unforgettable passwords, like Glorious61 or Hastings1066. #4 Always have more than one working email address. That way if one goes down, you're still functioning. They're free. |
