MtnDewManiac wrote: ⤴
Sat Jan 26, 2019 12:49 am
rene wrote: ⤴
Thu Jan 10, 2019 5:03 am
xenopeek wrote: ⤴
Thu Jan 10, 2019 4:48 am
Our reason for the password requirements are clear I think.
but I'm very aware that you will continue to believe they are. Your site...
Go back and read some of the panic-laden threads that were posted shortly after this website (or one of the ones associated with it) got hit, maybe that will help.
If you're simply saying that's the reason for the current forum configuration, yes, certainly. And as I was very explicit about, my only gripe is with the overblown specificity
of the password requirements. That is, if you're saying it's also a good
reason you have just said that none of the existing password managers are by default secure, given that none go that far overboard with the specificity.
As also mentioned I find the symbols requirement to be worst. I.e., I do in fact memorize a few passwords even if they were randomly generated due to sometimes having or wanting to quickly check something when I'm not near a personal system. You try and find a percent sign while it's not displayed on some random on-screen keyboard for a five generation old iPad configured for Bulgarian. No, not making it up.
But see, this is what in the end annoys me most about "security" discussions on the general internet. Because unless you did in fact only say the first, what you seem
to be saying amounts to the usual binary, black or white, all or nothing statement so familiar from those discussions. As if I would've said that complexity of passwords is not important, period, even when all I did in fact say is that the deep specificity on this particular forum interferes with people's personal systems, even when those personal systems are very secure to begin with. All that in the form of the also usual authoritative sounding one-liner without detail or explanation due to commenter in fact being scared witless of being called
on any detail.
Yes, I'm touchy on the subject. Although quite aware it will/may sound arrogant or empty as well, I do in fact have a better than average understanding of at least the mathematics behind encryption, as such of some of the potential weaknesses. At that level, mind you; they in fact usually exist at the level of the IT sometimes, psychology usually. But it still means I can not stand the level of "pretend" that surrounds this subject on the general internet, and as sketched above.
Of course anyone feel free to alpha male the shit out of the internet in their free time but at the very least invest something
real into it...