Login is SSL protected. By clicking on "Log in Now" you agree to terms of usage.


Password restrictions

Post new topic   Reply to topic Forum Index -> Suggestions and Ideas
View previous topic :: View next topic  
Author Message

PostPosted: Wed Aug 02, 2017 5:31 am    Post subject: Password restrictions Reply with quote

I think its pretty horrible to limit passwords to numbers and letters only.
Back to top

PostPosted: Sun Aug 13, 2017 10:09 am    Post subject: Reply with quote

Yes, it's silly to have password restrictions like that. Any UTF8 character should be allowed, and the max should be something like 255. You're only storing the hashes of the passwords anyway, right??? Right??? There should be some stack-overflow code you can copy and paste if your having trouble with this in PHP.
Back to top

PostPosted: Tue Aug 15, 2017 3:45 pm    Post subject: Registering and stuck on password Reply with quote

Many sites use and require special characters in passwords. While ebay does not it allows them. I tried changing my ebay password to conform to Gixen but I kept running into matching old passwords.
I have a stack of 8 passwords that I use so that I am not forever going to a .txt file to refresh my memory.
What is the great technical barrier to using special characters?
Back to top

Joined: 09 Aug 2007
Posts: 6763
Location: Bristol, UK

PostPosted: Tue Aug 15, 2017 5:21 pm    Post subject: Reply with quote

Do NOT change your Ebay password to match the one you use for your Gixen id.

Part of the point of of having different requirements for passwords IS to force you NOT to use the same one for Ebay and Gixen.

The other part is to increase YOUR security, having the same password for different things is NOT a good idea.
Back to top
View user's profile Send private message

PostPosted: Wed Oct 25, 2017 7:49 pm    Post subject: Reply with quote

This bit me again today. I had to reset my password, and the reset page initially accepts my password that is long and includes special characters. When I go to log in a second later, I get the bad password error. In the end I had to use something simpler and less secure to use this site. (And also got dinged with the 'weak password' notice)

Please just let us use the standard special characters and a sensible upper length limit, like 255. The passwords shouldn't be stored anyway, only the salted hashes of them, so the database length could be lower and not need special characters. If you're not using salted hashes, you're gonna have a bad time once the username and passwords get hacked and your source of income is lost.
Back to top
Display posts from previous:   
Post new topic   Reply to topic Forum Index -> Suggestions and Ideas All times are GMT - 8 Hours
Page 1 of 1

Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

© 2019 Forum powered by phpBB © 2001, 2005 phpBB Group.