Password nonsense

[doratheexplorer]

2 minutes ago, StationMaster said:

Said it before and I'll say it again. Athy should keep his advice away from this section of the forum.

He's not very good at taking advice, so it's rather ironic that he seems to happy to give it.

[john6767]

7 hours ago, Athy said:

Your employers must have an awful lot to hide.

Or be crap at IT by not having implemented single signon!

[Athy]

5 minutes ago, doratheexplorer said:

 

 

And I'd prefer if you didn't speculate on my gender.

Prefer away. As your name is Dora and your avatar shows a girl, surely no speculation is required.

 

Oh, unless you have stolen someone else's identity.

3 minutes ago, doratheexplorer said:

He's not very good at taking advice, so it's rather ironic that he seems to happy to give it.

 I am, I'm sure, as good as anyone else at listening to advice. Please stop looking for a fight.

[doratheexplorer]

2 minutes ago, Athy said:

Prefer away. As your name is Dora and your avatar shows a girl, surely no speculation is required.

 

Oh, unless you have stolen someone else's identity.

Dora the explorer is a cartoon character.  My avatar is a cartoon character.  I'm not a cartoon character.  Does that clear things up?

 

I don't think you're a boat that can type.

Edited December 11, 2019 by doratheexplorer

[Athy]

13 minutes ago, StationMaster said:

Said it before and I'll say it again. Athy should keep his advice away from this section of the forum.

Your statement was otiose before and it is otiose now, so please don't bother.

If you had bothered to read my posts you would see that I have given no advice - but if I want to, then I shall. Is that clear?

6 minutes ago, doratheexplorer said:

Dora the explorer is a cartoon character.  My avatar is a cartoon character.  I'm not a cartoon character.  Does that clear things up?

 

I don't think you're a boat that can type.

No it doesn't. I think you're really a cartoon character.

 

I don't know of a boat called Athy.

Edited December 11, 2019 by Athy

[Athy]

10 minutes ago, john6767 said:

Or be crap at IT by not having implemented single signon!

Didn't Signon write the Maigret novels?

[Guest]

3 minutes ago, Athy said:

Is that clear?

No it isn't. But I've given my opinion and that is enough for me.

[Athy]

5 minutes ago, StationMaster said:

No it isn't. But I've given my opinion and that is enough for me.

Then, in fact, it was clear: any member has the absolute right to offer advice as long as it does not contravene our rules. Whether that advice is heeded is up to their readers.

But, as I had offered no advice, that is not relevant in this instance.

[Arthur Marshall]

38 minutes ago, doratheexplorer said:

I'm not an identity theif so...

 

And I'd prefer if you didn't speculate on my gender.

Dora the Explorer would be generally assumed as a clue to gender, rather the Arthur in mine would be. Both assumptions could well be incorrect, of course, but you can't blame someone for making them. Mrsmelly, is of course, just confusing. 

[Arthur Marshall]

1 hour ago, David Schweizer said:

There have been a number of security issues with both PayPal abd ebay recently, and somehow they seem to be linked with thier association with Nectar card. I know it is small fry, but they managed to empty my Nectar card account through PayPal, I contacted PayPal who denied all knowledgem[, but the points returned within 48 hours, I have now disabled the link between them and Nectar.

There was a definite connection between the PayPal hack and an almost immediate Facebook hack - the latter leading to the irretrievable removal of my account. Someone repaid some cash into my PayPal account a fortnight later and I had to reactivate it to get it back, and withing five minutes there  was a renewed attempt to hack both PP and FB. PayPal still won't let me close the account. 

[doratheexplorer]

54 minutes ago, Arthur Marshall said:

Dora the Explorer would be generally assumed as a clue to gender, rather the Arthur in mine would be. Both assumptions could well be incorrect, of course, but you can't blame someone for making them. Mrsmelly, is of course, just confusing. 

Your profile states your gender.  Mine doesn't.  Your photo is of an actual human man.  Mine is a cartoon character. 

[Rob-M]

3 hours ago, doratheexplorer said:

He's not very good at taking advice, so it's rather ironic that he seems to happy to give it.

Your fighting a lost cause with Athy as he doesn't seem to want to understand that anybody can be a victim of identity fraud and that the fraudster will build a picture from many online sources taking all the snippets of information to create the big picture so they are convincing when attempting to access his bank account via the new online service that they would have requested be setup and he would know nothing about.

Edited December 11, 2019 by Rob-M
Spill chucker

[Athy]

8 minutes ago, Rob-M said:

Your fighting a list cause with Athy

What, a whole list?

Thank you for your scarcely complimentary, and misguided, remarks.

Of course I understand that anyone could be a victim of fraud. I also understand that most people aren't.

[restlessnomad]

9 hours ago, David Schweizer said:

Don't get too confident Jim. One of my Building Societies is trying to abandon passwords and are trying to persuade force me to provide a mobile phone number, so that they can text me a "once only" password which has to be entered before I can access my account. They do not seem to understand that whilst I do have a mobile phone, I have not used it since we sold the boat, and can never remember where it is or whether it is charged etc. Furthermore I have have never been able to work out how to  recieve text messages on it.

Its a good thing, you should definitely give them the mobile number where you can receive a text.

Usually banks or even gmail asks 2 things to login, one could be password and other could be a secret one time password(OTP) sent to your phone that expires within 5 mins.

That way only person with both your password and mobile phone(that gets OTP) can login.

 

For password, its best to get a big memorable phrase, get one from here if you cant think one.

https://www.useapassphrase.com/

Edited December 11, 2019 by restlessnomad

[Arthur Marshall]

18 minutes ago, restlessnomad said:

Its a good thing, you should definitely give them the mobile number where you can receive a text.

Usually banks or even gmail asks 2 things to login, one could be password and other could be a secret one time password(OTP) sent to your phone that expires within 5 mins.

That way only person with both your password and mobile phone(that gets OTP) can login.

 

For password, its best to get a big memorable phrase, get one from here if you cant think one.

https://www.useapassphrase.com/

The mobile text thing is the only way I've managed to stop the hacker from succeeding again with both PayPal and Facebook.  Interestingly, his email address (the one my FB account was re-registered to) was Russian.

[Arthur Marshall]

2 hours ago, doratheexplorer said:

Your profile states your gender.  Mine doesn't.  Your photo is of an actual human man.  Mine is a cartoon character. 

You can't get grumpy about people making assumptions based on information given.  it's how we make any sense of the world at all.  While, for example, I don't actually think Dr Bob is an actual muppet, I would assume that, as he/she/it has picked the name "Bob" he/she/it is male in the way I imagine him/her/it to be when I read his/her/its posts.  Same way, I (and presumably Athy) assumes that as you've picked the name "Dora" , you are (dividing the human race in a mostly binary fashion) probably of one of the female genders.  It's just the way we have of thinking, it doesn't mean or imply anything.  If you don't like any assumptions made, pick a gender neutral name - there's plenty about. People assume I'm somewhere on the male spectrum because I've ticked that box and the photo shows a bloke with a beard.  Neither of those might, of course, be true... but you work on the assumption that it is.  That's all, it doesn't matter.

And now back to the election, Brexit and the T&Cs... although, in reality, I'm off to play the euphonium in a band...

[restlessnomad]

1 minute ago, Arthur Marshall said:

You can't get grumpy about people making assumptions based on information given.  it's how we make any sense of the world at all.  While, for example, I don't actually think Dr Bob is an actual muppet, I would assume that, as he/she/it has picked the name "Bob" he/she/it is male in the way I imagine him/her/it to be when I read his/her/its posts.  Same way, I (and presumably Athy) assumes that as you've picked the name "Dora" , you are (dividing the human race in a mostly binary fashion) probably of one of the female genders.  It's just the way we have of thinking, it doesn't mean or imply anything.  If you don't like any assumptions made, pick a gender neutral name - there's plenty about. People assume I'm somewhere on the male spectrum because I've ticked that box and the photo shows a bloke with a beard.  Neither of those might, of course, be true... but you work on the assumption that it is.  That's all, it doesn't matter.

And now back to the election, Brexit and the T&Cs... although, in reality, I'm off to play the euphonium in a band...

you spent too much time on brexit/election thread, like me.

[smiler]

11 hours ago, Athy said:

Your employers must have an awful lot to hide.

American company, they do have some strange work ethics sometimes

[Sea Dog]

12 minutes ago, smiler said:

American company, they do have some strange work ethics sometimes

Particularly when it comes to security. They're reluctant to let you go to the toilet alone until they know your security clearances - then its hard to stop the "show and tell" fest whether you "need to know" or not... or even want to!  

[TheBiscuits]

10 hours ago, DHutch said:

Mike, how many times has someone broken into your home and stolen you password crib-sheet? If the answer is other than never, how many times have they then used it to log into the canal forums? I think the risk is low.

That would explain some of @Mike the Boilerman's past posts ...

[rasputin]

On 11/12/2019 at 11:29, DHutch said:

The site password requirements 'Strong' a mixture of upper and lowercase characters, numbers and special characters minimum 8 characters, which somewhat plays to the old fashioned hard for humans easy for machines requirement rather than a longer more human friendly option, however it also fits with requirements for other sites.

 

From what I know if the algorithm put more focus on length, but equally it will accept 'B0at12345' as an option, so it doesn't have to be a 24 digit hexadecimal code.

 

It might be that we can reasonably drop the strength requirement to 'Fair' which would allow simpler combinations of password. But equally there is actually very little harm in the case of our site in writing down the password, unlike bank details, the risk of attack coming someone stealing items from without your home is very low. Even with bank details, depending how and where your right them, the risk of a local attack is far lower than from an  online source. 

 

 

Daniel

yes please. my normal lower case, upper case, numbers, symbols, password comes up as fair, I have no idea what my password is for the site now as I had to add several characters before it became strong. 

Edited December 13, 2019 by rasputin
sp