Help support TMP


"Forgotten Password" Topic


10 Posts

All members in good standing are free to post here. Opinions expressed here are solely those of the posters, and have not been cleared with nor are they endorsed by The Miniatures Page.

For more information, see the TMP FAQ.


Back to the Ranting Plus Board



328 hits since 16 Jan 2016
©1994-2017 Bill Armintrout
Comments or corrections?

Last Hussar16 Jan 2016 2:29 p.m. PST

When I forget a password I tell them my email linked with the account and then they send me an email…

… to reset my password.

As I obviously have access to the email, why not just send me the Bleeped texting password? How is this more secure?

Waco Joe16 Jan 2016 2:45 p.m. PST

Depending on the system they are using they may not have your password in any type of non-encrypted manner. It is an additional security measure in case they are hacked.

Personal logo Ditto Tango 2 3 Supporting Member of TMP Inactive Member16 Jan 2016 5:44 p.m. PST

What WacoJoe said. Hashing functions, which I used in Oracle for example, are difficult to translate back to a language.

Also, the rule of thumb is that sending an email should be considered the same as sending a postcard in the mail. In the latter case, anyone can read it.
--
Tim

Last Hussar16 Jan 2016 7:01 p.m. PST

So they send me a link to the password reset site…

napthyme Sponsoring Member of TMP16 Jan 2016 9:57 p.m. PST

Yeah they always say use a password you can remember.

Ok lets try bubbabutt

can't repeat any character next to each other bubabut

needs a capitol letter Bubabut

needs a number Bubabut1

needs punctuation Bubabut#1

requires at least 9 characters Bubabut#123

two hours later, sorry the password you entered is not correct please call customer service to unlock your account…..

GRRRRR *^&%^*^*^* passwords.

tkdguy16 Jan 2016 11:52 p.m. PST

I've had to reset my password on a few websites because the website didn't recognize it. After resetting, the website didn't recognize my new password either.

Mr Elmo18 Jan 2016 4:13 a.m. PST

not just send me the Bleeped texting password

If it's a well secured password, the plaintext password is run through a one way hash algorithm (a few thousand times). The obly way the site can verify your password is to compare the two hashes.

Terrement Supporting Member of TMP18 Jan 2016 9:23 a.m. PST

Not passwords, but I always thought it was stupid for the phone company to say"you must first dial one to make this call." OK. You're smart enough to inform me, why can't you just dial the dad gummed number?

Personal logo etotheipi Sponsoring Member of TMP19 Jan 2016 6:14 a.m. PST

Not passwords, but I always thought it was stupid for the phone company to say"you must first dial one to make this call." OK. You're smart enough to inform me, why can't you just dial the dad gummed number?

At the time when that started, the telecom network didn't have the ability to "remember" a number or "back up" where it is in the system and "redo it" for you. Currently, all telecom networks still don't and it's not worth the pain of managing compatibility.

Personal logo Andrew Walters Supporting Member of TMP19 Jan 2016 8:24 a.m. PST

#1 Email is far less secure than a postcard. Anything in email is in full view of the entire globe, for a long period of time. And both the black hats and white hats have computers searching all the email. It literally couldn't be less secure and have any meaning.

#2 They make password management software. I don't use it, but lots of people do and the arguments in favor of it are strong.

#3 Gamers (along with sports fans) are in the best position to memorize passwords. We've got all kinds of number and letter combinations in our minds for our favorite units. DBA fan? Blade+5+3 will work, and you're not going to forget that. Historical dates and events can also give you unforgettable passwords, like Glorious61 or Hastings1066.

#4 Always have more than one working email address. That way if one goes down, you're still functioning. They're free.

Sorry - only verified members can post on the forums.