- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can understand why you want the passwords to be secure, but I
think you are going ape **** with it.
This is not an banking institute, or a stock trade Web site, where sensitive financial info
is bandied around.
For of all when I get a new password, it does not recognize it.
Then it locks my account after three tries, with NO warning ahead of time.
We can't see if we have typed in the password correctly -
why can't what we type be made visible?
Finally, it don't see the need for such a restrictive policy.
Just having 8 characters of any kind should be sufficient.
Why can't we see what passwords we have already used?
I think there must be some time delay before we can use a new password, but
if we don't know about that, everything goes bananas.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We use a unified login for the forum and Intel Premier Support. The password is required to be strong. It would be inappropriate to display the password characters as you type.
Let me suggest LastPass, an excellent multi-platform and cross-browser password manager. I have used it for years. With LastPasas, you can have it generate a different, strong password for every site and just have to remember one master password.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Other Web sites have implemented easy fixes to make the process user friendly without compromising security.
I don't know of any that freeze out your account when you have problems.
When I have trouble and they send me a new temp password, it often does not recognize it.
and if I do manage to get a password that works, if does not stay that way for very long.
I thought they were supposed to last a year. So a system that remembers your password would not
reliably work in your case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Other Web sites have implemented easy fixes to make the process user friendly without compromising security.
I don't know of any that freeze out your account when you have problems.
When I have trouble and they send me a new temp password, it often does not recognize it.
and if I do manage to get a password that works, if does not stay that way for very long.
I thought they were supposed to last a year. So a system that remembers your password would not
reliably work in your case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Other Web sites have implemented easy fixes to make the process user friendly without compromising security.
I don't know of any that freeze out your account when you have problems.
When I have trouble and they send me a new temp password, it often does not recognize it.
and if I do manage to get a password that works, if does not stay that way for very long.
I thought they were supposed to last a year. So a system that remembers your password would not
reliably work in your case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Other web sites have implemented easy fixes to make the process user friendly without compromising security.
I don't know of any that freeze out your account when you have problems.
When I have trouble and they send me a new temp password, it often does not recognize it.
and if I do manage to get a password that works, if does not stay that way for very long.
I thought they were supposed to last a year. So a system that remembers your password would not
reliably work in your case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I had problems using LastPass for generating secure passwords in the past. The generated passwords were in conflict with Intel's secure password policy, and were only accepted by chance. I gave up and resumed inventing the passwords on my own according to the prescription for secure passwords. Maybe that behavior has changed in the meantime.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
A couple of things that could be done to mitigate the problem without sacrificing security:
(i) Users can enter the password in a text editor (such as Notepad), check for correctness in all aspects, then copy and paste into the IDF login box. This would take care of "...We can't see if we have typed in the password correctly -why can't what we type be made visible?" I have found this simple tactic to help especially w.r.t. characters that need the Shift key to be pressed on a keyboard with less than perfect tactile feedback.
(ii) The IDF software could allow a grace period for the necessary password changes. In other words, start showing a notice that the password change will be necessary within xxx days, giving the user time to think up a new password instead of forcing her/him to change the password on the spot after the expiration date has been crossed. My E-mail server does this, and I am grateful for that. Doing something along these lines will enable a user to avoid the unpleasant situation where, say, one logs on to IDF at an airport, is forced to change the password then and there, and forgets the new password soon after.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page