Author Message
PostPosted: Wed Oct 25, 2017 7:49 pm    Post subject:

This bit me again today. I had to reset my password, and the reset page initially accepts my password that is long and includes special characters. When I go to log in a second later, I get the bad password error. In the end I had to use something simpler and less secure to use this site. (And also got dinged with the 'weak password' notice)

Please just let us use the standard special characters and a sensible upper length limit, like 255. The passwords shouldn't be stored anyway, only the salted hashes of them, so the database length could be lower and not need special characters. If you're not using salted hashes, you're gonna have a bad time once the username and passwords get hacked and your source of income is lost.
PostPosted: Tue Aug 15, 2017 5:21 pm    Post subject:

Do NOT change your Ebay password to match the one you use for your Gixen id.

Part of the point of of having different requirements for passwords IS to force you NOT to use the same one for Ebay and Gixen.

The other part is to increase YOUR security, having the same password for different things is NOT a good idea.
PostPosted: Tue Aug 15, 2017 3:45 pm    Post subject: Registering and stuck on password

Many sites use and require special characters in passwords. While ebay does not it allows them. I tried changing my ebay password to conform to Gixen but I kept running into matching old passwords.
I have a stack of 8 passwords that I use so that I am not forever going to a .txt file to refresh my memory.
What is the great technical barrier to using special characters?
PostPosted: Sun Aug 13, 2017 10:09 am    Post subject:

Yes, it's silly to have password restrictions like that. Any UTF8 character should be allowed, and the max should be something like 255. You're only storing the hashes of the passwords anyway, right??? Right??? There should be some stack-overflow code you can copy and paste if your having trouble with this in PHP.
PostPosted: Wed Aug 02, 2017 5:31 am    Post subject: Password restrictions

I think its pretty horrible to limit passwords to numbers and letters only.

Powered by phpBB © 2001, 2005 phpBB Group