Attention - Password and Security Update - Toyota Prius Forum : Toyota Prius Forums
 
LinkBack Thread Tools
post #1 of 4 Old 06-14-2016, 10:53 AM Thread Starter
Administrator
 
Administrator's Avatar
 
Join Date: Feb 2010
Posts: 86
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Garage
Default Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management

If you need Admin assistance please post here:

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Administrator is offline  
Sponsored Links
Advertisement
 
post #2 of 4 Old 06-15-2016, 10:04 AM
Super Moderator
 
Join Date: May 2014
Location: N. Central Florida
Posts: 356
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 42 Post(s)
Default

I'm sorry but I do NOT agree with this policy.......being enforced for "normal" users.

If an ordinary user's password is compromised, it affects ONLY HIM, right ?? Then it is HIS problem and will not compromise system integrity, right ??

Now.....for Admin accounts that could do some real damage.....manbe a different story.

And.....if the forum software stores passwords in un-encrypted form, then a real system breach might get the passwords too......and how complex they are or how often they have been changed will MAKE NO DIFFERENCE at all.

And lasty, forcing users to change their passwords often usually means that they will have to write them down to remember and that in itself is a REAL security risk, as opposed to the imaginary ones causing you to be paranoid and to contemplate changes that might not be necessary or effective.

'17 Prius C-4
Easy Rider is offline  
post #3 of 4 Old 06-15-2016, 03:40 PM Thread Starter
Administrator
 
Administrator's Avatar
 
Join Date: Feb 2010
Posts: 86
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Garage
Default

hey there easy rider!

A good piece of advice, to help in remembering the more complex password, is to do a phrase instead of just randomly adding in the extra requirements. this is something i do usually.

Example: BoiledCabbageis#1!

That will stick in your in your mind better as opposed to writing it on a piece of paper. i hope that helps.


also, with regards to changing your password,

You do not need to change your passwords now, As you will be prompted when everything is implemented. I would wait till you are prompted, as you would have to change it again.


cheers,


~Shane
Administrator is offline  
 
post #4 of 4 Old 06-15-2016, 08:32 PM
Super Moderator
 
Join Date: May 2014
Location: N. Central Florida
Posts: 356
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 42 Post(s)
Default

I was prompted today.

Your requirements are so complex that I had trouble typing the same one twice.

And you still did not offer a reason why you think this is necessary.

I do NOT think this is a good policy.
We have scant few members here as it is.
I wouldn't think you would want to risk alienating any of them without GOOD cause.

'17 Prius C-4
Easy Rider is offline  
Reply

User Tag List

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome