The New Password Rules Are Stupid - LotusTalk - The Lotus Cars Community
 30Likes
Reply
 
LinkBack Thread Tools Display Modes
post #1 of 47 (permalink) Old 06-24-2016, 06:39 AM Thread Starter
Asst. Helmet Tester
 
jet37ski's Avatar
 
Join Date: Dec 2012
Location: CA
Posts: 1,229
Garage
The New Password Rules Are Stupid

Seriously, is this turning into some cryptology forum?

I'm paraphrasing here, but (like everyone) I was forced to reset my password.

"Your new password must contain a number, a symbol, all the letters in the Aramaic languages, and a picture of your mother being embarrassed by accidental flatulence."

It's a car forum.

I understand that everyone is paranoid about their security but I'm not sure why the hell it matters if my lotustalk account is secure. I have to clutch my pearls when I think of the damage that could be done by some "hacker" assuming my identity thanks to my compromised Lotustalk password.

What if he called someone a wanker?

What if he posted pictures of my dog's sensitive bits?

Everyone would think it was me

Good luck making your new password everyone!

"I think you should name her Pippa, because she's British and has a nice looking rear end."

An ALS Ice Bucket Challenge unlike the rest The ALS Association Golden West Chapter Presents The PanAmerica Crew IBC
The most recent big adventure in the fight against ALS SailingforALS.com
and don't forget the epic charity road trip ThePanAmerica.com
jet37ski is offline  
Sponsored Links
Advertisement
 
post #2 of 47 (permalink) Old 06-24-2016, 06:55 AM
Supporting Vendor
 
shinoo's Avatar
 
Join Date: Mar 2003
Location: Murrieta, CA
Posts: 3,964
LOL, agreed. Password format proliferation is a real headache. I came up with a good one that I 'should' be able to remember...
exlondoner likes this.

InoKinetic - Tasty Bits for Your Lotus

BlackShadow Motors - Niche Car Sales, Service & Restoration

Email or call (951)296-6762 us for advice. We will respond!
shinoo is offline  
post #3 of 47 (permalink) Old 06-24-2016, 06:59 AM
Registered User
 
acslater's Avatar
 
Join Date: Feb 2014
Location: Saratoga, CA
Posts: 973
Garage
lots of people changing theirs to Pa$$w0rd
acslater is offline  
 
post #4 of 47 (permalink) Old 06-24-2016, 08:07 AM
Registered User
 
eldonz's Avatar
 
Join Date: Jul 2014
Location: Concord, NC
Posts: 842
Quote:
Originally Posted by acslater View Post
lots of people changing theirs to Pa$$w0rd
Won't work; it needs to be 10 characters in length.
eldonz is online now  
post #5 of 47 (permalink) Old 06-24-2016, 08:11 AM
Registered User
 
rb26dett's Avatar
 
Join Date: May 2007
Posts: 1,099
Quote:
Originally Posted by jet37ski View Post
Seriously, is this turning into some cryptology forum?

I'm paraphrasing here, but (like everyone) I was forced to reset my password.

"Your new password must contain a number, a symbol, all the letters in the Aramaic languages, and a picture of your mother being embarrassed by accidental flatulence."

It's a car forum.

I understand that everyone is paranoid about their security but I'm not sure why the hell it matters if my lotustalk account is secure. I have to clutch my pearls when I think of the damage that could be done by some "hacker" assuming my identity thanks to my compromised Lotustalk password.

What if he called someone a wanker?

What if he posted pictures of my dog's sensitive bits?

Everyone would think it was me

Good luck making your new password everyone!
Agreed. This is more secured than my bank password.
rb26dett is offline  
post #6 of 47 (permalink) Old 06-24-2016, 08:19 AM
Registered User
 
Join Date: Jun 2008
Posts: 2
It is stupid

system refuses to send me a password email, so I tried all my email accounts until I found an old account I had forgotten about

security is not stronger, inconvenience increased

if they are concerned about guessing of passwords, increased password complexity is not the answer. Increasing the login time is the answer

enter username <CR>
wait xxxx clock counts
password?
enter password
wait xxxx clock counts

max guesses=10

try bruteforcing that

oh but that requires one person to write code.

much easier to inconvenience the users every single day forever

And it is a forum, if someone steals your password and does what, starts flame war and ends the world?
kgus is offline  
post #7 of 47 (permalink) Old 06-24-2016, 08:21 AM
Such moderate
 
Doge's Avatar
 
Join Date: Sep 2010
Location: USA
Posts: 6,706
Garage
Quote:
Originally Posted by acslater View Post
lots of people changing theirs to Pa$$w0rd
Quote:
Originally Posted by eldonz View Post
Won't work; it needs to be 10 characters in length.
Gotcha!
Doge is offline  
post #8 of 47 (permalink) Old 06-24-2016, 08:29 AM
Registered User
 
acslater's Avatar
 
Join Date: Feb 2014
Location: Saratoga, CA
Posts: 973
Garage
Quote:
Originally Posted by eldonz View Post
Won't work; it needs to be 10 characters in length.
Oh duh, Pa$$w0rd69
jet37ski likes this.
acslater is offline  
post #9 of 47 (permalink) Old 06-24-2016, 12:07 PM
shay2nak
 
shay2nak's Avatar
 
Join Date: Dec 2003
Location: Calipornia
Posts: 24,798
All sites are doing this now. What happened to good ol days where '12345' was good enough.
darkSol and vtalon like this.

** save ~10 lbs gain 1 hp ** EQ: Y=(190*X) / (1984-X) where Y is (HP) and X is (lbs)

'07 Lotus Exige S310


WTC 2
shay2nak is online now  
post #10 of 47 (permalink) Old 06-24-2016, 12:18 PM
Registered User
 
XHILR8N!'s Avatar
 
Join Date: Dec 2006
Location: 2 laps down
Posts: 6,691
Garage
I guess I appreciate the attention to safety, but I've heard no explanation of what any of us are being protected from. The cure sure seems worse than the (potential?) malady. And they will not quit here. Something like a terrorist act.

"The sky is falling!"

Anyone can make something complicated. It takes genius to make it simple. Einstein.
2011 Evora S Racing Heritage Edition (#3 of 4) (Now with alexsharkeyross)
2005 Elise LRG, Trim Shop interior, full cage, Cup wheels, BWR 'charger lives!
1974 Lotus Europa Special 3841R in JPS livery
2007 Toyota Tundra (about 10 cup holders), traded for 2015 Tundra TRD PRO
2007 Audi S4 DTM (RIP) 1980 Rover SD1 (new home) 2015 Honda Civic Si
2016 370Z Nismo
2013 Bentley Continental GT Speed
XHILR8N! is online now  
post #11 of 47 (permalink) Old 06-24-2016, 01:01 PM
Registered User
 
Join Date: Jan 2016
Posts: 65
Not a big deal...if this is what it takes to participate in this forum...SO BE IT!
Poorichard is offline  
post #12 of 47 (permalink) Old 06-24-2016, 01:49 PM
UK Exile

 
exlondoner's Avatar
 
Join Date: Aug 2007
Posts: 1,922
I can no longer access my TransForged account even after re-setting the pw, waiting on the folks from AutoGuide to resolve it.
exlondoner is offline  
post #13 of 47 (permalink) Old 06-24-2016, 02:24 PM
Nein Kinder
 
Glen's Avatar
 
Join Date: Feb 2011
Location: Golden, Colo.
Posts: 1,568
As a precaution, I reset my (very strong and unique to this site) password several days ago but still got forced into changing it again. VerticalScope, which runs AutoGuide and LotusTalk among others, was hacked. You can read more about it here. Too bad VerticalScope isn't a little more forthcoming and a little more tech-savvy.

As far as password complexity goes, if you're not using a password manager to create, store and retrieve passwords, you should be.

Glen
LeMadChef likes this.

2011 Lotus Elise SC

Last edited by Glen; 06-24-2016 at 02:29 PM.
Glen is offline  
post #14 of 47 (permalink) Old 06-24-2016, 02:36 PM
Registered User
 
XHILR8N!'s Avatar
 
Join Date: Dec 2006
Location: 2 laps down
Posts: 6,691
Garage
Which pw manager might you recommend Glen? I've tried a couple and it just added another level of complexity and the endless change continued.

Anyone can make something complicated. It takes genius to make it simple. Einstein.
2011 Evora S Racing Heritage Edition (#3 of 4) (Now with alexsharkeyross)
2005 Elise LRG, Trim Shop interior, full cage, Cup wheels, BWR 'charger lives!
1974 Lotus Europa Special 3841R in JPS livery
2007 Toyota Tundra (about 10 cup holders), traded for 2015 Tundra TRD PRO
2007 Audi S4 DTM (RIP) 1980 Rover SD1 (new home) 2015 Honda Civic Si
2016 370Z Nismo
2013 Bentley Continental GT Speed
XHILR8N! is online now  
post #15 of 47 (permalink) Old 06-24-2016, 02:42 PM
Registered User
 
Join Date: May 2016
Location: DMV
Posts: 154
VS resolved the issue here.
TransForged is offline  
post #16 of 47 (permalink) Old 06-24-2016, 02:52 PM
Addict
 
LostPawn's Avatar
 
Join Date: Nov 2012
Location: Denver, CO
Posts: 1,101
Garage
Quote:
Originally Posted by Glen View Post
As a precaution, I reset my (very strong and unique to this site) password several days ago but still got forced into changing it again. VerticalScope, which runs AutoGuide and LotusTalk among others, was hacked. You can read more about it here. Too bad VerticalScope isn't a little more forthcoming and a little more tech-savvy.

As far as password complexity goes, if you're not using a password manager to create, store and retrieve passwords, you should be.

Glen
You mean use Excel to track all my passwords or us another program with a database that could also be hacked? I use so many different computers/phones/tablets to access various accounts I'm not sure I really trust yet another program to track all my passwords.
LostPawn is online now  
post #17 of 47 (permalink) Old 06-24-2016, 03:01 PM
Nein Kinder
 
Glen's Avatar
 
Join Date: Feb 2011
Location: Golden, Colo.
Posts: 1,568
Quote:
Originally Posted by XHILR8N! View Post
Which pw manager might you recommend Glen? I've tried a couple and it just added another level of complexity and the endless change continued.
I use KeePass. It is open source, very secure, free and easily integrated into all the systems I've run across. I access a copy of my encrypted password file on mobile devices by grabbing a copy from one of the free online storage sites. KeePass is, however, a little more technical than some competitors and the iOS apps that can read a KeePass file are a little buggy IMO.

Other options I'd look at include LastPass and 1Password. These products are a little more convenient because they provide slick interfaces on multiple platforms and take care of mobile access for you. The servers for LastPass were hacked last year, so that easy access does come with a little risk.

Quote:
Originally Posted by LostPawn View Post
You mean use Excel to track all my passwords or us another program with a database that could also be hacked? I use so many different computers/phones/tablets to access various accounts I'm not sure I really trust yet another program to track all my passwords.
Certainly not. I've written very complex programs in Excel, but would never use it as a password manager. KeePass (and many others) use the current best practices for encrypting data. It would take the fastest computer currently available hundreds of years to decrypt my password file, and that's if they had access to the keyfile (a second file, along with my password, that is required to decrypt the file) - something that will never be uploaded anywhere and only gets moved around on a FIPS 140-2 USB key. IMO, password managers provide huge benefits with very small inconveniences. There's no way I could track the hundreds of logins, passwords, security questions and associated sites in my current database without the assistance of a task-specific password manager.

Glen

2011 Lotus Elise SC

Last edited by Glen; 06-24-2016 at 03:12 PM. Reason: added reply to @LostPawn
Glen is offline  
post #18 of 47 (permalink) Old 06-24-2016, 04:34 PM
Registered User
 
XHILR8N!'s Avatar
 
Join Date: Dec 2006
Location: 2 laps down
Posts: 6,691
Garage
Someday we will back at this time, embarrassed by our primitivity. "Passwords! Hard to believe those simpletons used to use those. Constantly making everyday a hassle, exspending perfectly good cursing fits just trying to order some socks"

Anyone can make something complicated. It takes genius to make it simple. Einstein.
2011 Evora S Racing Heritage Edition (#3 of 4) (Now with alexsharkeyross)
2005 Elise LRG, Trim Shop interior, full cage, Cup wheels, BWR 'charger lives!
1974 Lotus Europa Special 3841R in JPS livery
2007 Toyota Tundra (about 10 cup holders), traded for 2015 Tundra TRD PRO
2007 Audi S4 DTM (RIP) 1980 Rover SD1 (new home) 2015 Honda Civic Si
2016 370Z Nismo
2013 Bentley Continental GT Speed
XHILR8N! is online now  
post #19 of 47 (permalink) Old 06-24-2016, 05:12 PM
Nein Kinder
 
Glen's Avatar
 
Join Date: Feb 2011
Location: Golden, Colo.
Posts: 1,568
Quote:
Originally Posted by XHILR8N! View Post
Someday we will back at this time, embarrassed by our primitivity. "Passwords! Hard to believe those simpletons used to use those. Constantly making everyday a hassle, exspending perfectly good cursing fits just trying to order some socks"
It's really irritating how many sites now force you to create an account to purchase, download, view or register something.

Quantum computing is the focus of ongoing, intense research and it has the potential to upend encryption as we know it. It makes me nervous as h*ll that my bank accounts are all accessible on line with a password. But until the day passwords are moot, it only makes sense to maximize the security they provide. VerticalScope forced a reset not only to reduce the exposure of their own customers accounts, but because login / password reuse is so common that their (VerticalScopes) weak hashing potentially exposed other accounts held by their customers.

Glen
LeMadChef likes this.

2011 Lotus Elise SC

Last edited by Glen; 06-25-2016 at 06:46 PM. Reason: changed "weak encryption" to "weak hashing"
Glen is offline  
post #20 of 47 (permalink) Old 06-24-2016, 05:52 PM
Registered User
 
srfntrf's Avatar
 
Join Date: Oct 2014
Location: Treasure Coast,Fl
Posts: 36
never had these worries on either my Smith-Corona or Royal.
Turbopun likes this.
srfntrf is offline  
Sponsored Links
Advertisement
 
Reply

  LotusTalk - The Lotus Cars Community > Community > Lotus Talk Forum Feedback and Site Issues

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the LotusTalk - The Lotus Cars Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in











Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome