Betta Fish Forum banner

1 - 20 of 38 Posts

·
Administrator
Joined
·
1,223 Posts
Discussion Starter #1
Hey Team,

Over the 2 weeks we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a onetime reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 180 day basis. When you login on the 181st day, you will have to change it. You guys and girls all have the highest level of access in our communities and this will help protect your accounts.

All other users on the community will have 365 day expirations. We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

We are testing and rolling out the changes slowly to ensure that they do not cause unforeseen issues with current plug-ins and products on the site, we will let you all know the day before it goes live.

I also ask that you help us with ensuring all users are being heard and we are answering everyone’s questions. We will be posting an announcement up to the community shortly and want to keep all chatter about this issue and any potential security issues in one place. If you see a user talking about this topic in a section outside of the announcement, please either move the post, or remove it and direct the user to the original thread. We greatly appreciate your help in this. If you have any questions please post them below.

Thanks all,
Helena Barclay
Community Management
 

·
Administrator
Joined
·
1,223 Posts
Discussion Starter #3
You are welcome to change your password now (especially if you have a "weak" password). But regardless, once we implement this security update, it will require you to change your password again.

Yung
 

·
Registered
Joined
·
127 Posts
I would like to say thank you to the moderators on this site. Being proactive and even updating password requirements is a sign of a very forward thinking and protective group that care for us on this site. I have to say I am impressed by this and appreciate the thought given to improved security. Thank you again!
 

·
Registered
Joined
·
2,768 Posts
Which of the following two passwords is stronger,
more secure, and more difficult to crack?​
D0g.....................
PrXyc.N(n4k77#L!eVdAfp9
You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password!
https://www.grc.com/haystack.htm
 

·
Registered
Joined
·
357 Posts
Glad I saw this post. I got two emails & I wasn't sure if they were spam or not. I got one for pufferfish.com too, but I've never used that site, so I guess I won't bother to check that one out. Thanks team!


Sent from my iPhone using Tapatalk
 

·
Super Moderator
Joined
·
19,249 Posts
Can someone explain the discrepancy. Does this mean Moderators and members of the RT need to change passwords every 180 days but regular members once a year?

2) Your passwords will expire on a 180 day basis. When you login on the 181st day, you will have to change it. You guys and girls all have the highest level of access in our communities and this will help protect your accounts.

All other users on the community will have 365 day expirations. We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.
 

·
Registered
Joined
·
3,023 Posts
I have to admit, I'm really not a fan of this idea, I get the reason, but it just seems like too much of a pain, especially having to come up with a new password each year.
Question: I just logged in today, and changed my password, I got an email with my new one earlier today, and logged on with that and changed it to something that I could remember. I'm not too sure if I'm misunderstanding or not, but will my password change again? I'd like to keep my new one.
 
  • Like
Reactions: Crash and allied123

·
Registered
Joined
·
27 Posts
sorry guys, but i'm not that impressed by the new site, it stills revamped car site. you haven't even tried to fix that, and there is less action on this site now.. the breeder section cannot be viewed without logging in and i really feel that this 'security' issue is bs. i'm logging out for the last time.... thanks for the past, but i'm not contributing my logs, findings or anything else here anymore... (not that i contributed that much to start with)...
i'm deleting everything i've posted (or at least gonna try) and my user page.... it's a shame because your dot com name has potential, but these new restrictions are nonsense.
maybe you'll run into me somewhere else, but not here anymore.
 

·
Registered
Joined
·
265 Posts
These restrictions and password resets are ridiculous I am all about security but not even amazon or my bank have anything this extreme!

Honestly I feel like this inconvenience of having such a difficult password will only become more annoying as time goes on because I feel like I'm not the only one who will absolutely forget their password more than once.

Also everyone getting the same email from some pufferfish website we've never been to is incredibly concerning and seems like a breach of privacy or a serious oversight as either this website has given out everyone's email or falsely sent everyone an email about a site we've never been to.
 

·
Registered
Joined
·
661 Posts
My bank has less security then this!
Its going to be super easy to forget a password that I have to reset so often. And don't anyone dare tell me to write it down! That's the easiest way for someone to gain excess to my accounts.

Edit: There is absolutely no reason to have this much security, we are not hiding confidential information, credit card or bank account numbers. Be nice to your members, get rid of a few of these rules.

Must be at least 10 characters (if we need all of the following, why make it so long?

Must contain lower-case characters
Must contain upper-case characters <- easiest to go wrong when typing in

Must contain numbers
Must contain symbols <- just plain annoying
 

·
Registered
Joined
·
939 Posts
Symbols seem a little over-the-top, I've never heard of needing those in a password before.
 

·
Registered
Joined
·
396 Posts
This is stupid, this is a piddly little forum with absolutely NO personal information. This excessive security is pure bollocks! If you feel you need to put that kind of security on it to where I have to keep a list of passwords here and type in some crazy long cryptic password to log in I feel I'm done here. It's a crying shame because I liked this forum. I may be back but the visits will few and far between, that is if I can remember then dang password.
 

·
Registered
Joined
·
2,768 Posts
Why is it such a hassle to change a password? I bet the people complaining use 1or 2 passwords for everything including email, These same people probably still use the default log in to their routers,

As for having to type the password in every time try a password manager, or save it to as plain text and copy n paste, or if you realy want to have your browser remember it.
 
1 - 20 of 38 Posts
Top