Attention - Password and Security Update - Lamborghini Forum
 
  homeFORUMSGARAGECALENDARADSSTAFFINFO
Go Back   Lamborghini Forum > Other > Lamborghini-Talk Site Issues Forum

Lamborghini-Talk Site Issues Forum Suggestions for changes to the site or any questions you might have.

Lamborghini-Talk.com is the premier Lamborghini All Forum on the internet. Registered Users do not see the above ads.
Reply
 
LinkBack Thread Tools
  #1 (permalink)  
Old 06-14-2016, 09:54 AM
Administrator's Avatar
Administrator
Onyx Site Supporter
 
Join Date: Sep 06 2006
Posts: 380
Gallery: 67
Default Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Your Premier
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote Quick reply to this message
Sponsored Links
Advertisement
 
  #2 (permalink)  
Old 06-27-2016, 10:01 AM
Junior Member
 
Join Date: Oct 19 2015
Posts: 7
Gallery: 0
Default

With all due respect, as a computer expert, I think this policy is a little misguided. Requiring a long, convoluted password, unique to this site is going to result in an avalanche of forgotten passwords, and "Password Reset" requests. The reasons behind the belief that long passwords with special characters are better are outdated. Such rules evolved to try and stay ahead of password cracking software that basically threw the dictionary at a password file, trying to crack passwords.

In 2016, however, that's not how accounts are hacked. Accounts are hacked because people use the same password across multiple sites, or they write them down, or deliberately give them to someone untrustworthy, or they leave themselves logged in and someone else bellies up to their computer.

If there's been no indication that this site has been hacked, why should everyone be required to come up with a new, extremely-complicated password every 365 days? If a password was secure yesterday, why would it be any less secure today?

The best passwords are ones that are long and easy to remember. They don't have to have special characters in them. Two random words, joined by a couple of numbers, is virtually impossible to crack, yet wouldn't pass the new constraints this site is imposing. Something like "Sicilian911Hamburg" is an extremely secure password, yet super easy to remember. But it would fail the new requirements of this site, because it doesn't have any punctuation or special characters.

I would encourage the admins of this site to reconsider the extremely constricting rules around password selection. A length requirement is fine, or even requiring a mix of upper and lowercase letters, maybe even a number. But beyond that is overkill, and only makes the passwords LESS secure, because people will have to write them down or save them somewhere insecure.

This is a car chat forum. Not a bank.

Last edited by kombat; 06-27-2016 at 10:03 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote Quick reply to this message
  #3 (permalink)  
Old 06-27-2016, 01:09 PM
Rayman's Avatar
Administrator
Onyx Site Supporter
 
Join Date: Apr 11 2004
Posts: 5,143
Gallery: 0
Default

All sites are requiring more complex passwords, so might as well deal with it.

Use Dashlane.com as a password storage. Problem solved.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote Quick reply to this message
 
  #4 (permalink)  
Old 06-27-2016, 03:15 PM
Staysleepyc6's Avatar
Senior Member
 
Join Date: Jan 24 2016
Location: Memphis, Tn & Atlanta Ga
Posts: 130
Gallery: 0
Default

Quote:
Originally Posted by kombat View Post
With all due respect, as a computer expert, I think this policy is a little misguided. Requiring a long, convoluted password, unique to this site is going to result in an avalanche of forgotten passwords, and "Password Reset" requests. The reasons behind the belief that long passwords with special characters are better are outdated. Such rules evolved to try and stay ahead of password cracking software that basically threw the dictionary at a password file, trying to crack passwords.



In 2016, however, that's not how accounts are hacked. Accounts are hacked because people use the same password across multiple sites, or they write them down, or deliberately give them to someone untrustworthy, or they leave themselves logged in and someone else bellies up to their computer.



If there's been no indication that this site has been hacked, why should everyone be required to come up with a new, extremely-complicated password every 365 days? If a password was secure yesterday, why would it be any less secure today?



The best passwords are ones that are long and easy to remember. They don't have to have special characters in them. Two random words, joined by a couple of numbers, is virtually impossible to crack, yet wouldn't pass the new constraints this site is imposing. Something like "Sicilian911Hamburg" is an extremely secure password, yet super easy to remember. But it would fail the new requirements of this site, because it doesn't have any punctuation or special characters.



I would encourage the admins of this site to reconsider the extremely constricting rules around password selection. A length requirement is fine, or even requiring a mix of upper and lowercase letters, maybe even a number. But beyond that is overkill, and only makes the passwords LESS secure, because people will have to write them down or save them somewhere insecure.



This is a car chat forum. Not a bank.






Sent from my iPhone using Tapatalk
__________________
2017 Huracán 610-4 (on the way)
2015 650S (in shop waiting to get EVT855R kit)
2015 Rolls Royce Ghost DD
2015 Rolls Royce Wraith
2008 Hayabusa Turbo
2012 SLS AMG Conv. (wife's DD)

"The Graveyard"
2013 Zr1 875rwhp (gone but never for gotten)
2015 Mercedes-Benz G65 (gone and glad)
2009 Lamborghini Murcielago LP640 ( Totaled (♯`∧´) )
2010 Rolls Royce Ghost (gone and sad)
2015 Porsche Turbo S (sold for better)
2016 CTS-V DD (Leased ended)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote Quick reply to this message
Sponsored Links
Advertisement
 
Reply

  Lamborghini Forum > Other > Lamborghini-Talk Site Issues Forum

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Lamborghini Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:
Security Question
**Required, this field is not shown to others. Enter ONLY vowel letters in the word: Lamborghini
Full Name
Your Full REAL Name
Insurance
Please select your insurance company (Optional)

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -6.
The time now is 10:52 AM.



Powered by vBulletin® Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
© AutoGuide
 

Content Relevant URLs by vBSEO 3.3.2