We have detected that cookies are not enabled on your browser. Please enable cookies to ensure the proper experience.
Results 1 to 20 of 20
  1. #1
    Join Date
    Jan 2008
    Location
    Somewhere over the rainbow
    Posts
    7,563

    I noticed the forum login now shows your password strength...

    Thanks to the addition of a "Password Strength" indicator, I'm now going to ignore all such indicators wherever they are.

    My password has now been called weak, medium, and strong by a variety of websites. In other words, no one actually has a clue what they're talking about.

    So.... yeah.

    (and yes, I know password strength is negligible anyways - user "strength" in not being stupid with it is all that matters)
    [center]"The rejection of grammatical correction is proof of the level of intelligence hinted at by your writing."

    [color=orange]Now please keep this discussion on topic or you may be reported for causing time mismanagement[/color]

    [color=gray]Llydia[color=blue] - 65 Rune-keeper |[/color]Dawnn [color=blue] - 65 Champion |[/color] Anthari[color=blue] - 65 Lore-master |[/color] Thisnameisavailable Ornot[color=blue] - 65 Guardian
    [/color] Firstaidkit[color=blue] - 65 Minstrel |[/color] Malaysia [color=blue] - 65 Waden |[/color] Kornur[color=blue] - 52 Hunter |[/color] Caly[color=blue] - 40 Burglar |[/color] Dharkan Rahl[color=blue] - 40 Captain[/color][/color][/center]

  2. #2

    Re: I noticed the forum login now shows your password strength...

    I too will probably ignore it. A password i once used was literally a random bunch of letters and numbers generated for me for a website, and i memorized it and used to use it frequently. Not related to me at all; i don't see how anyone could ever crack it(but they'd probably find a way, knowing my luck). I've got several more on standby, too.

    It's been deemed weak and medium, but never strong. They don't help, much....
    [charsig=http://lotrosigs.level3.turbine.com/04208010000220581/signature.png]Luzmarsh[/charsig]

  3. #3

    Cool Re: I noticed the forum login now shows your password strength...

    It's the sites that tell you what "must" be in your password 1e... at least 1 number ect...
    they just told every hacker in the world what to look for in your password
    How someone who demands that ever got into an IT possion is beyound me
    & they have the nerve to rate that password as stronge
    [charsig=http://lotrosigs.level3.turbine.com/03202000000001fbe/01007/signature.png]Tarros[/charsig]

  4. #4
    Join Date
    Dec 2007
    Posts
    8,694

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by sir-rinthian View Post
    My password has now been called weak, medium, and strong by a variety of websites. In other words, no one actually has a clue what they're talking about.
    Well of course not! There's no such thing as an international standards body that decides what's weak or strong. It's all just some heuristics (ie, guesses). Everyone does this. It is not a Turbine problem.

    All they're doing is checking that you have a mix of letters, upper/lower case, numerals, punctuation, length, etc.

    If any site says your password is "weak" then I would suggest that maybe you could improve it somehow and they have an actual reason for this. Maybe it won't matter actually, but it's better than just saying that they're clueless.

  5. #5
    Join Date
    Jan 2011
    Location
    YVR
    Posts
    739

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by Torvered View Post
    I too will probably ignore it. A password i once used was literally a random bunch of letters and numbers generated for me for a website, and i memorized it and used to use it frequently. Not related to me at all; i don't see how anyone could ever crack it(but they'd probably find a way, knowing my luck). I've got several more on standby, too.

    It's been deemed weak and medium, but never strong. They don't help, much....
    Everyone needs different passwords for different things.

    The password one uses for their online banking should not be the same password they are using to sign up for strange gaming websites based in Russia.

    A person should have at least three passwords that they use for certain types of websites. One they use only for websites that contain very important personal information .... email, online banking, etc.

    Another for sites such as LotRO, PayPal, eBay, etc.

    And another for signing up to forums and the like.

    One simple method for creating a strong password that you can easily memorize is to choose something you enjoy, and then choose something specific from that area. Let's say you like Football a lot ... pick some player ... perhaps Joe Montana ... joemontana will form the base of your password ... now substitute numbers for letters ... j03m0nt4n4 ... now substitute some non-alphanumerics where appropriate ... in this case we'll substitute for the M in montana with bar-forward slash-backslash-bar. j03|\/|0nt4n4 ... and there you go ... you now have a strong password. To make it even a little harder to break ... take one of the numbers and continue to use it as a letter ... the first A for instance .... now you have j03|\/|0ntan4 ... though better to use a player who is more obscure.

    I have about 8 passwords I cycle through.
    Last edited by Chiot; Mar 26 2011 at 08:25 PM.

  6. #6
    Join Date
    Mar 2010
    Location
    Cincinnati, Ohio
    Posts
    430

    Re: I noticed the forum login now shows your password strength...

    Lastpass... best password manager ever. Generates random passwords, removes them from your browser history so the information isn't stored in an easily accessible place by unwanted intruders and works with chrome, IE, firefox and opera. Also has form filling capabilities.

    I use it for everything and have never found a need for anything else.
    [CENTER][B]Brandywine[/B]
    [URL="http://my.lotro.com/home/character/1420476/144678138032277804/"]Airadis - Loremaster[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032259216/"]Airaeth - Hunter[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032422006/"]Carabell - Burgler[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032338681/"]Lilymaebell - Warden[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032267848/"]Lirraneth - Minstrel[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032382543/"]Sharlean - Captian[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032260593/"]Wynterarwyn - Runekeeper[/URL][/CENTER]

  7. #7
    Join Date
    Nov 2010
    Posts
    8

    Re: I noticed the forum login now shows your password strength...

    It is all pretty much a bunch of people worrying about nothing. They read about how you can brute force guess the passwords in seconds. What they fail to mention this is based on the ability to get the password in encrypted form to run against. This is all based on the old days where you could get the unix userid password file and feed them to your supercomputer.
    Almost all modern systems there either is no file to obtain or it is stored in a way that you cannot extract. Trying to go thought the front door and just enter random passwords into the login system will be quickly detected. Even systems that do not disable after a limited number of attempts have so much overhead that you cannot enter enough tries to be effective.
    It is the password reset thing that makes these super secret passwords a big joke. These try to use personal information that is easily stolen or known by other people.

    Mostly these password strength things are to make people feel happy. The actual account exploits are due to things like keyboard loggers or stupid bugs in the code.

  8. #8

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by MrsAngelD View Post
    Lastpass... best password manager ever. Generates random passwords, removes them from your browser history so the information isn't stored in an easily accessible place by unwanted intruders and works with chrome, IE, firefox and opera. Also has form filling capabilities.

    I use it for everything and have never found a need for anything else.
    Thanks for that! it will certainly help me. I prefer passwords that can't be attributed to anything that exists in real life to minimize the risk of someone finding it out, hence those types.
    [charsig=http://lotrosigs.level3.turbine.com/04208010000220581/signature.png]Luzmarsh[/charsig]

  9. #9
    Join Date
    Sep 2010
    Location
    Los Angeles
    Posts
    358

    Re: I noticed the forum login now shows your password strength...

    If it tells you strong, doesn't mean it's really strong and uncrackable but if it tells you the password is weak, then it's WEAK FOR SURE; meaning, CHANGE IT NOW.

    Security is never about being 100% safe ('coz it's impossible) but risk mitigation.
    [charsig=http://lotrosigs.level3.turbine.com/042080000001e3637/01008/signature.png]undefined[/charsig]

  10. #10

    Re: I noticed the forum login now shows your password strength...

    my password is more than 10 characters long and has both upper and lower case letters and numbers all mixed together, I don't know how it can be given as "weak". It would be something impossible to guess, you would need to run every alpha-numeric combination to crack it or get it via a keylogger or some other dubious means.

  11. #11
    Join Date
    Feb 2007
    Location
    Long Cleeve, Northfarthing
    Posts
    2,233

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by sir-rinthian View Post
    My password has now been called weak, medium, and strong by a variety of websites. In other words, no one actually has a clue what they're talking about.
    If you're actually *using* that same password on a variety of websites, I certainly have a strong clue as to which one of those pronouncements was accurate... though perhaps for the wrong reasons.

    Your password is no stronger than the weakest protection system in place on any of the websites for which you use it.
    Tuco of the Quick Post

  12. #12

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by Zvim666 View Post
    my password is more than 10 characters long and has both upper and lower case letters and numbers all mixed together, I don't know how it can be given as "weak". It would be something impossible to guess, you would need to run every alpha-numeric combination to crack it or get it via a keylogger or some other dubious means.

    Add a special character in there ($#%^&*(*) and it will jump to strong. It just increases the number of combinations possible to make a brute force attack take too long.
    [charsig=http://lotrosigs.level3.turbine.com/0520a000000120b21/01000/signature.png]Magrom[/charsig]
    "I look forward to your MMO" ; "Those are horsepants."; "I'm working. My hands burn with the fury of a thousand suns: the forums would not survive many posts from me. Count yourselves lucky." - Floonisms by Floon. You are missed!

  13. #13

    Re: I noticed the forum login now shows your password strength...

    How does Lastpass compare with 1Password?
    [charsig=http://lotrosigs.level3.turbine.com/0e21500000006cb29/01004/signature.png]undefined[/charsig]

  14. #14
    Join Date
    Mar 2010
    Location
    Cincinnati, Ohio
    Posts
    430

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by Grendaran View Post
    How does Lastpass compare with 1Password?
    Can't say I never used it.
    [CENTER][B]Brandywine[/B]
    [URL="http://my.lotro.com/home/character/1420476/144678138032277804/"]Airadis - Loremaster[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032259216/"]Airaeth - Hunter[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032422006/"]Carabell - Burgler[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032338681/"]Lilymaebell - Warden[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032267848/"]Lirraneth - Minstrel[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032382543/"]Sharlean - Captian[/URL] | [URL="http://my.lotro.com/home/character/1420476/144678138032260593/"]Wynterarwyn - Runekeeper[/URL][/CENTER]

  15. #15
    Join Date
    Jun 2010
    Location
    Sterling Heights, MI, U.S.A.
    Posts
    1,546

    Re: I noticed the forum login now shows your password strength...

    More than you ever wanted to know about Passwords and the standards and Standards Bodies that determine what is a weak to strong passwords.

    http://en.wikipedia.org/wiki/Password_strength

    If you have a question about your password this will answer it for you.

    Weak is easy to guess/break, strong is a INSERT BAD WORD HERE to guess or break...
    Last edited by Gandolf_TheOld; Mar 27 2011 at 03:53 PM.
    Ujest - 105 Lore-master, Opun - 76 Warden, plus alts and mules
    Pipeweed and Ale, Arkenstone (formerly Friends of Frodo Vilya)

  16. #16

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by sir-rinthian View Post
    Thanks to the addition of a "Password Strength" indicator, I'm now going to ignore all such indicators wherever they are.

    My password has now been called weak, medium, and strong by a variety of websites. In other words, no one actually has a clue what they're talking about.

    So.... yeah.

    (and yes, I know password strength is negligible anyways - user "strength" in not being stupid with it is all that matters)
    Dude do you seriously use the same password for that many websites? I hope you at least keep your email passwords unique, jeez.

  17. #17
    Join Date
    Sep 2007
    Location
    Greenwoods of Oregon
    Posts
    691

    Re: I noticed the forum login now shows your password strength...

    Bringing up the past I know, but his weekend I changed passwords for my wife and myself and the forum password advisor said it was med strength. Well, logging in later, I informed me that the strength was weak again. So I assumed it was still set to the old password on remember and backspaced the old out and input the new...med strength. Well this kept happening and then I tried to just log in using the remembered password. Turns out it is the new one but for some reason the password strength adviser wont recognize it as med strength until I delete the stored info and re-input the data. Weird. Just thought it worth mentioning.

  18. #18
    Join Date
    Dec 2007
    Posts
    8,694

    Re: I noticed the forum login now shows your password strength...

    It tells you the strength as you type it. It always starts out "low" because there's no password typed in yet. There's no "remember" password option that I can remember (if there is one, it's always a bad idea to use them).

  19. #19
    Join Date
    Feb 2008
    Posts
    2,540

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by MilkPudding View Post
    If it tells you strong, doesn't mean it's really strong and uncrackable but if it tells you the password is weak, then it's WEAK FOR SURE; meaning, CHANGE IT NOW.

    Security is never about being 100% safe ('coz it's impossible) but risk mitigation.
    Except my password, the same one, a difficult mix has been rated as weak, as well as strong now on several log ins. Not sure how it can be both, guess it depends on the mood of the server when I log into the forums.
    [charsig=http://lotrosigs.level3.turbine.com/082070000001987d6/signature.png]Grifinor[/charsig]

  20. #20
    Join Date
    Sep 2007
    Location
    Greenwoods of Oregon
    Posts
    691

    Re: I noticed the forum login now shows your password strength...

    Quote Originally Posted by Lohi View Post
    There's no "remember" password option that I can remember (if there is one, it's always a bad idea to use them).
    No that option is browser specific...I just find it weird that on the web page it will say weak until I delete the browser remembered password and re-input the exact same password.

 

 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

This form's session has expired. You need to reload the page.

Reload