Please update your web site to not require ridiculous passwords


#1

I have a password naming convention that fits within most websites 8 character limit… requiring 10 makes you special. There is not a damn thing special about my tablo account and the fact that you guys think you have something worth sticking a robust password on here is a joke.


#2

I don’t know about you, but my Tablo is DOD Q clearance only.


#3

Map and plans to the rebel base on mine. One of my tuners somehow connected to R2 one day, and there it was!


#4

Well shoot, you really won’t like the fact I’m using a 20 character password here then.

In seriousness, since I use a password manager I tend to go as long of a password as the site allows.


#5

Following is purely in jest.

Can count to 8!
Huzzah!

Feeling special.

Don’t worry, we still love you!

That’s not a joke…

Knock knock.
Who’s there?
Boo.
Boo who?

That’s a joke.


#6

:laughing::laughing::laughing::laughing:


#7

Me too! 1Password does wonders for my worries.


#8

So if you lose access to it are you SOL in figuring it out? I let lastpass handle the riff raff but it is still in a way where I can figure it out if I am not using a device with lastpass.


#9

As a victim of identity theft through no fault of my own I’d rather have very strong unique passwords for every site and a strong master password for LastPass, particularly for “non-critical” sites like this where I can easily have a password reset if necessary worst case.

For my critical sites (i.e. Google & LastPass) I actually use a physical hardware key.


#10

Which key? I’ve been thinking of doing the same thing (where I can).


#11

Just took delivery of one of the YubiKey 5 NFC keys. I was waiting for a key that supports FIDO2, not because it’s implemented by many services yet, but to future proof myself a bit given the keys are a bit expensive.

I also wanted something that could be used with multiple devices and right now only my phone is USB-C so going the NFC key route allows it to be used with my phone via NFC and all my other devices via USB-A.

I’m also moving from Thenticate (a variation of a Google Authenticator app) to the Yubico Authenticator app. You still scan the QR codes to add services that only support U2F (i.e. Amazon) but in order to get an actual TOTP (normally the 6 digit numerical code) you have to put the key on the phone and it authenticates it via NFC and then generates the code.


#12

I wish it was longer password requirement…level of account exposure is irrelevant to me. Stronger the better…


#13

Sounds like you’ve given a lot of thought into your choice of moving to multi-use keys, I may just have to grab one. Its funny, my google account is actually poorly secured (old password… a much simpler permutation I created long ago) considering how key it is to so many other vital accounts. I really should put a 2nd auth onto it.


#14

I would have laughed, but you butchered it. Should be DOE, not DOD.