Gammon Forum
See www.mushclient.com/spam for dealing with forum spam.
Please read the MUSHclient FAQ!
![[Folder]](/images/open_folder.gif)
Entire forum
Forum
Announcements
![[Subject]](/images/open_subject.gif)
Tighter rules for passwords
|
Tighter rules for passwords
|
Postings by administrators only.
![[Refresh]](/images/refresh.gif)
Refresh page
| Posted by
| Nick Gammon
Australia (22,884 posts) ![[Biography]](/images/bio.gif) bio
Forum Administrator |
| Date
| Sun 13 Nov 2016 12:43 AM (UTC) Amended on Sun 13 Nov 2016 11:12 PM (UTC) by Nick Gammon
|
| Message
| Due to recent issues, the forum software now imposes tighter rules for your passwords if you choose to change them from the default one the forum issues.
Rules for passwords
- Must be at least 10 characters long. Can be up to 50 characters long.
- Must contain at least two numbers, two upper-case letters, two lower-case letters, and two punctuation characters.
- Must not be in a dictionary of the most common 100 passwords (eg. "password" or "letmein")
- May not consist of more than 4 of the same character in any position (eg. "A1A2A3A4" would not be allowed).
- May not contain sequences of 3 or more characters going up or down (eg. "abc", "456", "ZYX", "765").
- May not contain repeats of 3 or more characters in a row (eg. "aaa" or "666" would not be allowed).
- May not end with a number (so you can't just add numbers to a word, like "gorilla489")
- May not contain part of your user name (so if your name is "Barbara" the password can't be "barb9642")
Since the password isn't echoed as you type it, you may well want to type it into a text editor in case it gets rejected (because otherwise, you'll have to type it in again).
A more sensible solution is to use a password safe, like KeePass (Windows) or KeePassX (OS/X and Linux) which also generates random passwords for you.
Regrettably, the days of easy-to-remember passwords are effectively over. If you can remember it, it isn't secure. A possible exception would be a long phrase like "Correct.Horse.42.Battery.Staple". That follows the above rules (of course, don't use that exact phrase).* See Password Strength - xkcd cartoon.
* It doesn't follow the above rules any more because those words are now in the disallowed dictionary of common words. However the concept would follow the rules. Just choose different words. |
- Nick Gammon
www.gammon.com.au, www.mushclient.com | ![[Go to top]](/images/gototop.gif) top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
6,876 views.
Postings by administrators only.
Refresh page
top
Quick links:
MUSHclient.
MUSHclient help.
Forum shortcuts.
Posting templates.
Lua modules.
Lua documentation.
Information and images on this site are licensed under the Creative Commons Attribution 3.0 Australia License unless stated otherwise.
![[Home]](/images/home.gif)
![[Downloads]](/images/downloads.gif){kind=small}
![[Search]](/images/search.gif){kind=small}
![[Help/forum]](/images/forum.gif){kind=small}
![[RH click to get RSS URL]](/images/xml.gif){kind=small}
Forum RSS feed ( https://gammon.com.au/rss/forum.xml )
![[Best viewed with any browser - 2K]](/images/anybrowser2.gif "Best viewed with any browser"){kind=small}
![[Hosted at FutureQuest]](/images/futurequest.gif "Hosted at FutureQuest")