suggestion - do away with the 180 day password limitation

Discussion in 'The Water Cooler' started by merk, Jan 28, 2010.

  1. merk

    merk Honorable Member

    Joined:
    Aug 11, 2009
    Messages:
    88
    Likes Received:
    1
    I'd like to request/suggest you do away with the 180 password re-use limitation. Forcing people to pick a new password is just a recipe for forcing them to always pick a new password since they (me) wont remember it and will use the password reset, at which point they'll have to pick a yet even more obscure password which they'll (me) forget, forcing a password reset ... etc etc
     
  2. iroken22

    iroken22 Extraordinary Member
    Premium Supporter

    Joined:
    Nov 10, 2008
    Messages:
    1,649
    Likes Received:
    49
    think of it this way. 180 days is half of a year!!! I mean many of my employment places make us change our password every 30 days. It is for your own security as well as many people tend to use the same password throughout the internet making it more vulnerable every day. That is my explanation as to why we have it in place.
     
  3. merk

    merk Honorable Member

    Joined:
    Aug 11, 2009
    Messages:
    88
    Likes Received:
    1
    Oh i know why they have it in place - i just dont think it's worth doing. I can understand requiring someone to have a password with at least X number of characters or having at least 1 letter and 1 number. Obviously you don't want people using 'password' as their password. But I think we're probably safe from brute-force attacks, especially when there's a 15 minute wait between 5 failed attempts. And forcing a password change and a 180 day wait is really just protection against brute force as far as i can see.
     
  4. Krypto

    Krypto Extraordinary Member
    Premium Supporter

    Joined:
    Oct 31, 2009
    Messages:
    1,107
    Likes Received:
    37
    Just got done Talking to Mike and I think he will be removing the mandatory password change every 180 days
     
  5. merk

    merk Honorable Member

    Joined:
    Aug 11, 2009
    Messages:
    88
    Likes Received:
    1
    woo hoo :) thanks! I almost forgot my password to login now :tongue:
     
  6. RAK

    RAK Extraordinary Member

    Joined:
    Jul 6, 2009
    Messages:
    2,502
    Likes Received:
    126
    Late now. But I would support merk's lonely contribution to this thread. In a security issue, it can be a good option. On a forum it should be a free choice for the members. Anyway - gone now!!
     
    #6 RAK, Jan 29, 2010
    Last edited: Feb 6, 2010
  7. Mike

    Mike Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Jul 22, 2005
    Messages:
    8,488
    Likes Received:
    783
    Re: Mandatory Password Change

    This was a security feature for the protection of our members so that their accounts wouldn't be hacked due to having a weak password. Make sure you use a strong password that you will remember. To do this, check out this site:

    Microsoft Secure Password Checker: https://www.microsoft.com/protect/fraud/passwords/checker.aspx?WT.mc_id=Site_Link

    The mandatory password changes have been removed due to difficulties people were having with it.
     
  8. merk

    merk Honorable Member

    Joined:
    Aug 11, 2009
    Messages:
    88
    Likes Received:
    1
    thanks for doing that!
     
  9. tblount

    tblount New Member

    Joined:
    Sep 27, 2009
    Messages:
    3,537
    Likes Received:
    64
    Hate it

    I hate it. Glad it's gone. Hope I can go back to my old one so I dont have to *think* ...yeah... I should be getting paid to THINK
     
  10. cybercore

    cybercore New Member

    Joined:
    Jul 7, 2009
    Messages:
    15,823
    Likes Received:
    321
    180 days password limitation is good to me personally, but it could be worth making it optional for those who would rather not have it.
     

Share This Page

Loading...