Attention - Password and Security Update - Page 2 - 2014+ Jeep Cherokee Forums
User Tag List

 24Likes
Reply
 
LinkBack Thread Tools
post #11 of 39 (permalink) Old 06-15-2016, 09:15 PM
Hardcore Member
 
IRSmart's Avatar
 
Join Date: Jan 2015
Posts: 635
Garage
Quote:
Originally Posted by Rojhan View Post
That's an intriguing comment based on your username.

I wouldn't be too worried about somebody guessing or brute-forcing my password on a community forum. The larger problem, however, is that there is a strong tendency for password re-use. If "fluffy" gets exposed as a password on this (or any other size) and "you" use the same password on your banking site, there isn't much of a leap to watching your account get emptied. Combine that with the also increasing trend to use e-mail address as an authenticator, and the only thing that's protecting your information is a strong password.

FTR; all of my passwords are at *least* 10 characters long, mixed-case, alphanumeric + special, and aren't re-used. I use an encrypted password safe with a passphrase to keep track of them. I also own my own domains, so I use a different email address for every site/account, which strengthens the authenticator.

https://www.entrepreneur.com/article/246902

If you want to dig into the muck, there is a much more detailed article based on real-life example at https://nakedsecurity.sophos.com/201...aphic-blunder/
My username is intended to be a bit ironic

I completely understand and agree with everything you say. I completely get that if my password is 12345 and it gets hacked, that's completely on me. But isn't that MY choice to have a retarded password if I want to? I have two fairly complex passwords I use for everything. I can switch to my other password, that's not an issue, but here's my mentality. If my password here gets hacked, and I have a ridiculous password, isn't that my fault, not the forum's fault? Yes, everyone should have complex passwords, I just hate people making decisions "in my best interest" for me.
IRSmart is online now  
Sponsored Links
Advertisement
 
post #12 of 39 (permalink) Old 06-15-2016, 09:42 PM
Moderator
 
Join Date: Dec 2014
Location: NOVA (Ashburn), VA
Posts: 2,186
Quote:
Originally Posted by IRSmart View Post
My username is intended to be a bit ironic

I completely understand and agree with everything you say. I completely get that if my password is 12345 and it gets hacked, that's completely on me. But isn't that MY choice to have a retarded password if I want to? I have two fairly complex passwords I use for everything. I can switch to my other password, that's not an issue, but here's my mentality. If my password here gets hacked, and I have a ridiculous password, isn't that my fault, not the forum's fault? Yes, everyone should have complex passwords, I just hate people making decisions "in my best interest" for me.
Unfortunately, "in today's litigious society" (mostly in the USA, it seems), it's easier to sue somebody else rather than take responsibility for your own action. It's become in the best interest of business to put as many safety mechanisms (legal obstacles) in place to avoid the pain.

In a more charitable vein, there's an entire generation (or two) that don't have the foggiest notion of how things work under the hood and therefore don't understand the risk (not just internet).

In my less charitable, cynical view, removing signs such as "don't stop on railroad tracks", and "don't feed the bear", etc would allow natural selection to fix some of those problems...

'15 Deep Cherry Red TH w/Brown Interior. 3.2L V-6
Safety-Tec, Cold Weather, Technology, Comfort, Tow, Leather.
Gobi Stealth roof rack with ladder.
My testing platform for electronics/telemetry experimenting.
Rojhan is offline  
post #13 of 39 (permalink) Old 06-16-2016, 06:29 PM
Enthusiast Member
 
rsy8806's Avatar
 
Join Date: Apr 2014
Location: Sparks, NV
Posts: 142
Garage
So the email we get will have a new password enclosed in it then?

Sent from my SM-N920P using Tapatalk
rsy8806 is offline  
 
post #14 of 39 (permalink) Old 06-16-2016, 07:12 PM
Enthusiast Member
 
Treaty's Avatar
 
Join Date: May 2014
Location: Seattle
Posts: 372
Just wanted to speak up and say that I fully support stronger security... but I think the password requirements put in place today are a little too strict. I mean 4 of the 5 requirements seems fine... but when you throw the 5th in it just makes it more trouble than its worth sometimes, just sayin'

I predict we'll start to see a lot less posting to this forum as many people will just be frustrated trying to remember how to log in and eventually give up.

https://xkcd.com/936/

____________________________

2014 Granite V6 Trailhawk
[Comfort/Convenience | Sunroof | 8.4AN w/ Nav | 9 Speaker]
____________________________
Treaty is offline  
post #15 of 39 (permalink) Old 06-16-2016, 07:31 PM
Enthusiast Member
 
Join Date: Oct 2015
Posts: 130
you can choose to stay logged in
ups4 likes this.
pete7713 is offline  
post #16 of 39 (permalink) Old 06-16-2016, 08:21 PM
Member
 
Join Date: Feb 2014
Posts: 68
Quote:
Originally Posted by Treaty View Post
trying to remember how to log in and eventually give up
Well, there's your first problem - who remembers passwords anymore?

Use a tool to do it for you - it'll generate one in any strength you want, based on any weird requirement, unique to every web site and remembers it for you too!

Combine it with two factor from your phone, and it's about as secure as you can get these days.

********************
2014 Latitude I4 w/AD2
CherokeeOwner01 is offline  
post #17 of 39 (permalink) Old 06-16-2016, 08:55 PM
Moderator
 
SkipW's Avatar
 
Join Date: Dec 2013
Location: Midcoast Maine
Posts: 5,984
I changed my password yesterday due to the message from admins that new security measures were forthcoming....today I got an email saying I had been given a new one by management. Took me three tries to get in just now with the gibberish they sent me....then I went to change my password..twice and it was denied both times even though it met all the delightful criteria...

.
.

The best time to plant a tree was 20 years ago. The second best time is now.

http://jeepcherokeeclub.com/4-2014-j...rum-rules.html
SkipW is offline  
post #18 of 39 (permalink) Old 06-16-2016, 09:10 PM
Enthusiast Member
 
ups4's Avatar
 
Join Date: Dec 2013
Location: Sunrise, FL
Posts: 346
Garage
Quote:
Originally Posted by pete7713 View Post
you can choose to stay logged in
I've never logged out since becoming a member.

What exactly would someone do if they DID randomly choose my screen name and perchance matched it up with my password....on this site?

Clearly I wouldn't want that to happen at my banking site, but a car forum?
Ribbertw likes this.

2015 Jeep Cherokee Latitude, Bright White 2.4L I4 for me.
2015 Jeep Cherokee Latitude, Deep Cherry Red 3.2L V6 for wifey.
2008 Jeep Patriot Sport, Jeep Green for son.
ups4 is offline  
post #19 of 39 (permalink) Old 06-16-2016, 09:23 PM
Enthusiast Member
 
Ribbertw's Avatar
 
Join Date: May 2015
Location: Calgary AB
Posts: 119
Garage
J789()

Last edited by Ribbertw; 06-17-2016 at 11:11 AM.
Ribbertw is offline  
post #20 of 39 (permalink) Old 06-16-2016, 09:25 PM
Enthusiast Member
 
Ribbertw's Avatar
 
Join Date: May 2015
Location: Calgary AB
Posts: 119
Garage
&*#Hyu7

Last edited by Ribbertw; 06-17-2016 at 11:11 AM.
Ribbertw is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the 2014+ Jeep Cherokee Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



  Similar Threads
Thread Thread Starter Forum Replies Last Post
Attention someone in Utah! csmithEOD Exterior 0 07-13-2014 11:55 AM
lost password Gator Jeepcherokeeclub.com Site Help 6 12-11-2013 01:40 AM

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On