Login passwords

Asked by Mike W on 2012-06-02

More of an info...

1) Capta should also not be hard for humans to read. Some are.

2) New security standards, seem to be miss aligned.

minimum 8 char, Upper,Lower,Num,Spec ? Not sure WHO came up with this made mix, as it leaves users with passwords they can never remeber. If you can't remeber then it has to be storedin an app or logged visually in a file. I'm face with this at work and on numerous other sites, but you are the last one I created an account with and I could not use my std password, so I'll likely need numerous password resets, which will just expose me or my password contrary to being secure.

Why not allow long pass phrases instead, IE: "my mother wears blue dresses", "my dog likes to chase cars". M y understanding is that the smaller the passcode the easier it is for bruteforce attacks and bruteforece attacks don't have difficulties with mixed case, numerics... As an apache provider I know it is also easy to block bruteforce attacks(not sure w IIS).

I'm not blaming you, but am faced day-to-day with secuiry people who don't understand from a users perspective and new password standards such as your own are a detriment to enforcing security. As I MUST now have a unique password for your site I MUST put it in a log file and I must expose it so I can look it up from other PC's

Please forward this to whomever is responsilbe...

PS: As a side comment, have you ever looked at OpenID?

Question information

Language:
English Edit question
Status:
Answered
For:
Canonical SSO provider Edit question
Assignee:
No assignee Edit question
Last query:
2012-06-02
Last reply:
2013-04-16
Jeet (gour-jitendrasingh) said : #1

Created a Bug! will be cleared ASAP.

Thanks
~jeet

Can you help with this problem?

Provide an answer of your own, or ask Mike W for more information if necessary.

To post a message you must log in.