 sj |
||
|
||
BS: Changing Your Password?
|
|
|
|||||||
|
BS: Changing Your Password? |
Share Thread
|
||||||
|
Subject: BS: Changing Your Password? From: DrugCrazed Date: 31 Jul 13 - 06:35 AM Evenin' all, I'm doing a massive password update (LastPass is telling me off for having similar passwords), so I was about to change my password up here. Does Mudcat not let you? |
|
Subject: RE: BS: Changing Your Password? From: bobad Date: 31 Jul 13 - 06:52 AM Send Joe an email joe@mudcat.org |
|
Subject: RE: BS: Changing Your Password? From: maeve Date: 31 Jul 13 - 07:37 AM bobad has it right, DC. Put something like, "Mudcat Password Help" in the subject heading to catch his eyes. |
|
Subject: RE: BS: Changing Your Password? From: DrugCrazed Date: 31 Jul 13 - 11:32 AM Went with Password Change. That might not have been the best. |
|
Subject: RE: BS: Changing Your Password? From: Stilly River Sage Date: 31 Jul 13 - 01:12 PM I don't think the automated form (if one still is locate-able) has worked for years. I haven't looked at it, I just know that you need to talk to Joe. SRS |
|
Subject: RE: BS: Changing Your Password? From: maeve Date: 31 Jul 13 - 01:30 PM SRS is correct. Email Joe as suggested. He'll help you out! |
|
Subject: RE: BS: Changing Your Password? From: McGrath of Harlow Date: 31 Jul 13 - 02:17 PM At least with the Mudcat it's simple with the Mudcat, with just a username that appears on the posts, and a password for renewing this if you sign n on a different computer. With some sites they have a name that appears in public posts, a username whch is different, and a password. And with Apple it can get really weird - I've just been wrestling with this over the past few days. The system as I've untangled it is you have an Apple ID, and a completely separate Apple password. But sometimes in on screen guidance the Apple ID is called an Apple Password, and sometimes an Apple ID Password - and sometimes the Apple Password is referred to as an Apple ID. Then when I wanted to change my password back to the old one I had before I changed it under the impression it was an Apple ID or maybe the ther way round, it asked me daft security questions such as what was my favourite book as a child, which for a child who read as much as I did was just unanswerable... Apple!!!!! And they don't even pay their taxes. A pity really they make such good machines. |
|
Subject: RE: BS: Changing Your Password? From: JohnInKansas Date: 31 Jul 13 - 03:47 PM For most sites, the "security questions" are something you have to set up when you create (or change) the account settings, and the answers you give have to match what you gave during the setup. The sites generally have a set of "standard questions" but security advisors recommend that you ALWAYS LIE with the answers you give. Example: "Hospital where you were born" would be "Rosie's Saloon" or "Harold's Barber Shop." (Unless one of those actually is where you were born.) Example: "Your first pet's name" would be "Vlad the Impaler," or Barklay Beaversdorf," or "Sweet Betsy from Pike," perhaps. (Unless you never had a pet and Sweet Betsy actually was the "first dog" you dated? .) John |
|
Subject: RE: BS: Changing Your Password? From: McGrath of Harlow Date: 31 Jul 13 - 05:44 PM Trouble with that is you have to write down the answers somewhere if you're going to have a hope of being able to use them when you need them. And that's a risk in itself, and probably a bigger one. Just try to remember those answers there in a week's time, John, let alone a year or so. |
|
Subject: RE: BS: Changing Your Password? From: DrugCrazed Date: 31 Jul 13 - 06:48 PM Pah, that's why I have LastPass! Seriously, LastPass is amazing (and free!) |
|
Subject: RE: BS: Changing Your Password? From: JHW Date: 01 Aug 13 - 05:00 AM Joe's your best bet. I tried to retrieve my Mudcat PW earlier this year. Four times the robots told me they'd sent it as an email but were lying. Joe found it for me and noted that the system does not work. My GP (doctor) surgery insists on a password with text, numbers and symbols. No way I could invent such a one that I'd remember so stuck with the impossible to remember one they sent and wrote it down! |
|
Subject: RE: BS: Changing Your Password? From: GUEST,Shimrod Date: 01 Aug 13 - 07:05 AM "Trouble with that is you have to write down the answers somewhere if you're going to have a hope of being able to use them when you need them. And that's a risk in itself, and probably a bigger one. Just try to remember those answers there in a week's time, John, let alone a year or so." Yep! I agree. You have to have passwords for everything these days - if you want to scratch your nose or cough, you need passwords. I defy anyone to remember 2,322,601 passwords (especially extra-secure ones involving letters, numbers, upper and lower case, symbols etc.). I've heard of things like 'Last Pass' - but you need a password for that and if you forget it, you're f****d! |
|
Subject: RE: BS: Changing Your Password? From: McGrath of Harlow Date: 01 Aug 13 - 07:20 AM So you have to write it down somewhere, which means it can be found. Or your house burns down. Or you do somehow manage to commit it to memory, and then you have a stroke... |
|
Subject: RE: BS: Changing Your Password? From: JohnInKansas Date: 01 Aug 13 - 08:10 AM About the only real problem I have with a password protected account is with the couple of sites where my former employer insists I should get all my information about my retirement account and my insurance. They insist that you should must your "real name" as the username, but apparently there are a whole lot of people in their system with the same username they insist I use, so there are lots of "accidental attempts" to log in on my accounts. In the case of duplicate usernames, they apparently try to match up the account based on the password their automated system thinks you try to use(?). As a security feature, they impose a "three strikes and out" rule, meaning that three failed attempts to log into an account locks the account until you get them to reset a new (random) password for you. When I tried using their system, I was able to log in successfully twice, in about the first 15 attempts (I've got a list - dates and times of attempts - somewhere). Getting a new password successfully applied required a minimum of four attempts the half dozen times it actually worked at all. Neither the new password they assigned, nor the password that I reset immediately after getting a their reset, ever worked twice. They get really pi**ed when I telephone, put the speaker on, and do something useful for the 20 to 50 minutes it takes for them to run out of recorded messages and put a person on, but it just isn't worth my attention to try to use their "web system." I made one login attempt about 14 years ago to make sure the account was securely "locked" and haven't been back. Fortunately the need to communicate with them is very rare, and I'm learning to understand swahili and urdu accents fairly well from talking to their "real person agents," although a couple of times I've had to hang up and call back when I got one who was completely unintelligible. ("I've got a really bad connection. Let me hang up and try again.") John |
|
Subject: RE: BS: Changing Your Password? From: kendall Date: 01 Aug 13 - 04:15 PM I use a word that is not in the dictionary. That probably wont trip a real hacker. |
|
Subject: RE: BS: Changing Your Password? From: Joe Offer Date: 02 Aug 13 - 02:49 AM Hi, Drug Crazed - Sorry I was a little slow to respond. This is the first day I was allowed to drive after my carotid artery surgery, so I was out doing the town. I changed your password, as requested. Be advised, however, that Mudcat is not really a secure site, so a really fancy password doesn't make a whole lot of difference. Your old password suited Mudcat's level of security just fine. We're reasonably secure, but don't go sending credit card information through our personal messages. That being said, I must also say that we really haven't had any security problems. Our level of security is certainly adequate for a discussion forum. Max had me take over management of the registration database a few years ago because we had some people signing up under false names for the purpose of harassing Mudcatters. I think the current system works pretty well. I've been able to handle all correspondence in less then two days, even when I was in Egypt. Usually, you'll hear back from me in less than 12 hours, sometimes up to a day. I get a kick out of it when people try to disguise my e-mail address when they post it in the Forum here. They'll put "joe-at-mudcatdotorg" or something like that (bobad did it right, above). There's no need for that - my e-mail got on the spam lists long ago, so I have to sort out Mudcat requests amongst the Russian Spam. It really helps if you put the word "Mudcat" and membership, password, or whatever in the title of your e-mail. It helps me sort it out. And feel free to post my e-mail address, joe@mudcat.org -Joe Offer- joe@mudcat.org |
|
Subject: RE: BS: Changing Your Password? From: DrugCrazed Date: 02 Aug 13 - 10:01 AM Hi Joe, I changed the password because I was changing all of them anyway. I'm a sucker for a high score in something that doesn't mean anything, in this case my password security ;-) |
|
Subject: RE: BS: Changing Your Password? From: JohnInKansas Date: 02 Aug 13 - 01:33 PM a password with text, numbers and symbols. No way I could invent such a one that I'd remember A password with 6 characters all of which are letters lets you choose any one of 266 possibilities. (~308,915,776 choices). If the site uses 26 letters and ten number digits the number of possibilities is 366. (~2,176,782,336 choices) If the site uses 26 letters, ten number digits, and another 10 non-alpha characters ($@#!%^&_~-') the number of possibilities is 466 (~9,474,296,896 choices) As long as your password has 6 characters, it doesn't really matter whether some of them are numbers or other characters. It's the number of characters the site recognizes that determines how many combinations a "brute force" search for the one that works must try. Using 8 characters instead of 6, with only the 26 alphabetical letters allowed gets 268 possibilities (~2,088,270,600,000 choices) which is "almost as secure" as 6 characters that can be any of 46 possible ones. With 8 characters, and a character set of 46 letters, numbers, and symbols you get to 468 possible passwords (~20,047,612,000,000 choices for a password) which is getting close to where a brute force attack might take "several seconds" to "break" with a good hacking program. Always use the "longest" password the site allows, if the site limits you to anything less than 10 or 12 "characters." For sites that require you to mix letters and numbers/symbols, many people choose a word that's easy to remember and just replace "e" with "3," "o" with "0," and "s" with "5" ("numb3rs" is famous on US TV? but you could spell it "numb3r5") - but these substitutions are so common that the hackers check them early in a trial and error search. They do allow you to have a "rememberable" password that the site will allow you to use. One current benchmark for a "secure password" is that it should be a character string with >2,000 characters, using at least 50 characters in its character set. It's impractical for most uses to be truly "secure," but you can be "mildly annoying" to even determined hackers. John |
|
Subject: RE: BS: Changing Your Password? From: McGrath of Harlow Date: 02 Aug 13 - 02:04 PM Why is this thread twinned with itself? On my computer anyway (and the only one that is) |
