Forums
Password with special chars
Quick find code: 278-279-869-66194880
I understand that a secure password doesn't prevent hijackings. In my opinion a secure password has nothing to do with password hijackings.
And even if RS has an early cut off points for brute force attempts, I still feel that having the ability to use special characters is a basic feature that every application nowadays should provide.
Never trust one line of defence, always create multiple
And even if RS has an early cut off points for brute force attempts, I still feel that having the ability to use special characters is a basic feature that every application nowadays should provide.
Never trust one line of defence, always create multiple
23-Dec-2020 08:43:23
Threads been moved over to a better suited section.
It's been requested for years.
Also like Top says your chances of being hacked this way are low very low. Comprehensive Account Security
It's been requested for years.
Also like Top says your chances of being hacked this way are low very low. Comprehensive Account Security
What do snowmen have for breakfast? Snowflakes!
23-Dec-2020 10:19:56
Thanks Tuffty for moving it to the correct section.
Glad to hear that it has been requested before. A bit sad that is hasn't been implemented.
I think the argument that the chances are low of it happening isn't a very good argument.
Ofcourse RS has a good first line of defence. But in case that line of defence fails, or they have a leak where user information gets out. I rather have a strong password that makes brute forcing impossible.
By the way; The chances of RS database being compromised is very small, but I hope they still hash our passwords. (I understand that this is a over the top example
)
I agree with Top Bass that forcing all kinds of rules for a password increases the likelihood for people writing it down or something. But i'm not asking to force people to use special characters. I'm simply asking to enable them so people can use them as they wish.
So to summarize: I understand that using special chars in your password isn't the holy grail that prevents you from being hacked, ever. However it's such a simple little extra security benefit. And from a development perspective, it shouldn't too difficult to support it. (depending on multiple factors ofcourse).
Even if it decreases hacks with 0.5% it would still be worth it. And I can't think of the downside when you make specials chars optional possible.
Hopefully the development team will consider it.
Glad to hear that it has been requested before. A bit sad that is hasn't been implemented.
I think the argument that the chances are low of it happening isn't a very good argument.
Ofcourse RS has a good first line of defence. But in case that line of defence fails, or they have a leak where user information gets out. I rather have a strong password that makes brute forcing impossible.
By the way; The chances of RS database being compromised is very small, but I hope they still hash our passwords. (I understand that this is a over the top example
)
I agree with Top Bass that forcing all kinds of rules for a password increases the likelihood for people writing it down or something. But i'm not asking to force people to use special characters. I'm simply asking to enable them so people can use them as they wish.
So to summarize: I understand that using special chars in your password isn't the holy grail that prevents you from being hacked, ever. However it's such a simple little extra security benefit. And from a development perspective, it shouldn't too difficult to support it. (depending on multiple factors ofcourse).
Even if it decreases hacks with 0.5% it would still be worth it. And I can't think of the downside when you make specials chars optional possible.
Hopefully the development team will consider it.
23-Dec-2020 18:51:18
Quick find code: 278-279-869-66194880 Back to Top