The Lotus Cars Community banner

1 - 20 of 47 Posts

·
Asst. Helmet Tester
Joined
·
1,229 Posts
Discussion Starter #1
Seriously, is this turning into some cryptology forum?

I'm paraphrasing here, but (like everyone) I was forced to reset my password.

"Your new password must contain a number, a symbol, all the letters in the Aramaic languages, and a picture of your mother being embarrassed by accidental flatulence."

It's a car forum.

I understand that everyone is paranoid about their security but I'm not sure why the hell it matters if my lotustalk account is secure. I have to clutch my pearls when I think of the damage that could be done by some "hacker" assuming my identity thanks to my compromised Lotustalk password.

What if he called someone a wanker?

What if he posted pictures of my dog's sensitive bits?

Everyone would think it was me :surprise:

Good luck making your new password everyone!
 

·
Supporting Vendor
Joined
·
4,171 Posts
LOL, agreed. Password format proliferation is a real headache. I came up with a good one that I 'should' be able to remember...:facepalm
 

·
Premium Member
Joined
·
1,282 Posts
Seriously, is this turning into some cryptology forum?

I'm paraphrasing here, but (like everyone) I was forced to reset my password.

"Your new password must contain a number, a symbol, all the letters in the Aramaic languages, and a picture of your mother being embarrassed by accidental flatulence."

It's a car forum.

I understand that everyone is paranoid about their security but I'm not sure why the hell it matters if my lotustalk account is secure. I have to clutch my pearls when I think of the damage that could be done by some "hacker" assuming my identity thanks to my compromised Lotustalk password.

What if he called someone a wanker?

What if he posted pictures of my dog's sensitive bits?

Everyone would think it was me :surprise:

Good luck making your new password everyone!
Agreed. This is more secured than my bank password.
 

·
Registered
Joined
·
2 Posts
It is stupid

system refuses to send me a password email, so I tried all my email accounts until I found an old account I had forgotten about

security is not stronger, inconvenience increased

if they are concerned about guessing of passwords, increased password complexity is not the answer. Increasing the login time is the answer

enter username <CR>
wait xxxx clock counts
password?
enter password
wait xxxx clock counts

max guesses=10

try bruteforcing that

oh but that requires one person to write code.

much easier to inconvenience the users every single day forever

And it is a forum, if someone steals your password and does what, starts flame war and ends the world?
 

·
Registered
Joined
·
7,027 Posts
I guess I appreciate the attention to safety, but I've heard no explanation of what any of us are being protected from. The cure sure seems worse than the (potential?) malady. And they will not quit here. Something like a terrorist act.

"The sky is falling!"
 

·
Premium Member
Joined
·
1,922 Posts
I can no longer access my TransForged account :facepalm even after re-setting the pw, waiting on the folks from AutoGuide to resolve it.
 

·
Nein Kinder
Joined
·
1,568 Posts
As a precaution, I reset my (very strong and unique to this site) password several days ago but still got forced into changing it again. VerticalScope, which runs AutoGuide and LotusTalk among others, was hacked. You can read more about it here. Too bad VerticalScope isn't a little more forthcoming and a little more tech-savvy.

As far as password complexity goes, if you're not using a password manager to create, store and retrieve passwords, you should be.

Glen
 

·
Registered
Joined
·
7,027 Posts
Which pw manager might you recommend Glen? I've tried a couple and it just added another level of complexity and the endless change continued.
 

·
Addict
Joined
·
1,298 Posts
As a precaution, I reset my (very strong and unique to this site) password several days ago but still got forced into changing it again. VerticalScope, which runs AutoGuide and LotusTalk among others, was hacked. You can read more about it here. Too bad VerticalScope isn't a little more forthcoming and a little more tech-savvy.

As far as password complexity goes, if you're not using a password manager to create, store and retrieve passwords, you should be.

Glen
You mean use Excel to track all my passwords or us another program with a database that could also be hacked? I use so many different computers/phones/tablets to access various accounts I'm not sure I really trust yet another program to track all my passwords.
 

·
Nein Kinder
Joined
·
1,568 Posts
Which pw manager might you recommend Glen? I've tried a couple and it just added another level of complexity and the endless change continued.
I use KeePass. It is open source, very secure, free and easily integrated into all the systems I've run across. I access a copy of my encrypted password file on mobile devices by grabbing a copy from one of the free online storage sites. KeePass is, however, a little more technical than some competitors and the iOS apps that can read a KeePass file are a little buggy IMO.

Other options I'd look at include LastPass and 1Password. These products are a little more convenient because they provide slick interfaces on multiple platforms and take care of mobile access for you. The servers for LastPass were hacked last year, so that easy access does come with a little risk.

You mean use Excel to track all my passwords or us another program with a database that could also be hacked? I use so many different computers/phones/tablets to access various accounts I'm not sure I really trust yet another program to track all my passwords.
Certainly not. I've written very complex programs in Excel, but would never use it as a password manager. KeePass (and many others) use the current best practices for encrypting data. It would take the fastest computer currently available hundreds of years to decrypt my password file, and that's if they had access to the keyfile (a second file, along with my password, that is required to decrypt the file) - something that will never be uploaded anywhere and only gets moved around on a FIPS 140-2 USB key. IMO, password managers provide huge benefits with very small inconveniences. There's no way I could track the hundreds of logins, passwords, security questions and associated sites in my current database without the assistance of a task-specific password manager.

Glen
 

·
Registered
Joined
·
7,027 Posts
Someday we will back at this time, embarrassed by our primitivity. "Passwords! Hard to believe those simpletons used to use those. Constantly making everyday a hassle, exspending perfectly good cursing fits just trying to order some socks"
 

·
Nein Kinder
Joined
·
1,568 Posts
Someday we will back at this time, embarrassed by our primitivity. "Passwords! Hard to believe those simpletons used to use those. Constantly making everyday a hassle, exspending perfectly good cursing fits just trying to order some socks"
It's really irritating how many sites now force you to create an account to purchase, download, view or register something.

Quantum computing is the focus of ongoing, intense research and it has the potential to upend encryption as we know it. It makes me nervous as h*ll that my bank accounts are all accessible on line with a password. But until the day passwords are moot, it only makes sense to maximize the security they provide. VerticalScope forced a reset not only to reduce the exposure of their own customers accounts, but because login / password reuse is so common that their (VerticalScopes) weak hashing potentially exposed other accounts held by their customers.

Glen
 
1 - 20 of 47 Posts
Top