Eliphalet R. Moderator Posted July 25 Share Posted July 25 1 Quote Link to comment Share on other sites More sharing options...
Happy Jack, SASS #20451 Posted July 25 Share Posted July 25 I'm not a computer guy so am I supposed to change my password before the big change or am I supposed to wait until the change??? 2 Quote Link to comment Share on other sites More sharing options...
Eyesa Horg Posted July 25 Share Posted July 25 18 minutes ago, Happy Jack, SASS #20451 said: I'm not a computer guy so am I supposed to change my password before the big change or am I supposed to wait until the change??? +1 !! Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 25 Share Posted July 25 1 hour ago, Happy Jack, SASS #20451 said: I'm not a computer guy so am I supposed to change my password before the big change or am I supposed to wait until the change??? 1 hour ago, Eyesa Horg said: +1 !! I would change it now and if required at the update. I did and will. This time I chose to use the Apple recommended “Strong” password. It’s 20 characters. Hope I don’t lose my phone. I’d never remember it. 1 Quote Link to comment Share on other sites More sharing options...
Eliphalet R. Moderator Posted July 25 Author Share Posted July 25 2 hours ago, Pat Riot said: I would change it now and if required at the update. I did and will. This time I chose to use the Apple recommended “Strong” password. It’s 20 characters. Hope I don’t lose my phone. I’d never remember it. This is a good idea. Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc... We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password. 3 Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 25 Share Posted July 25 34 minutes ago, Eliphalet R. Moderator said: This is a good idea. Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc... We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password. This should interest folks How long does it take to crack various lengths of passwords? https://tech.co/password-managers/how-long-hacker-crack-password 2 2 Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 25 Share Posted July 25 If the password file on a server is stolen. the hackers can work on it as they wish. The chart above assumes one cpu, but the hackers may have access to thousands of cpus, including the site they stole a password file from. What the chart above shows is the best case average time to guess a password. Note that if a password file is not stolen, changing your password often changes nothing. A person is just as likely to choose a password which will be cracked sooner as well as later. The reason to change passwords often is to make stolen password files worthless. Two-factor authentication is another barrier to to a stolen password. It combines something you know (the password) with something you have (cell text number). Most 2FA (Two Factor Authentication) systems for consumers (basic bank accounts) using 2FA have an exception to recognize a browser as the second factor. So if using a public computer, the second factor is a code sent to your phone by text. If using your "trusted" home computer, the second factor is the browser. Every software update to the browser requires going through the text code one time and also checking a box at login to say "trust this browser." So even if the password file is stolen, the hacker can not log in from a different untrusted browser. If they try, you get a text with a code for a login you are not attempting! Getting this code is therefore an alarm indicating someone is trying to log into your account. So let's see what the 2FA rollout here is. Hopefully trusted browsers is part of it. I'm sure the staff here does not really know, none are security experts. What I am sure of is scammers have been working this forum. Mostly through finding email addresses of buyers and sellers whether here or in the wild; but having a valid sell number for each member is a possible impediment for rogue member accounts. Making the forum (or at least the Classified and Vendor sections) private to members only would also help. There is no reason for the world to read those. 2 1 Quote Link to comment Share on other sites More sharing options...
Red Gauntlet , SASS 60619 Posted July 25 Share Posted July 25 I've never needed a password to come to this site. If I have one, I have no idea what it is. Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 25 Share Posted July 25 2 minutes ago, Red Gauntlet , SASS 60619 said: I've never needed a password to come to this site. If I have one, I have no idea what it is. I am getting the feeling there is going to be a massive drop in participation at the 2FA rollout... 4 2 Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 25 Share Posted July 25 Just looked at my account settings. 2FA better work with email addresses, my phone is not in my profile nor is there a place for it. This is different from all the banks. But eMail 2FA is used, which is a reason to not use the same password for different sites, particularly eMail. Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 25 Share Posted July 25 5 minutes ago, John Kloehr said: I am getting the feeling there is going to be a massive drop in participation at the 2FA rollout... I think folks will figure it out. I hope they do quickly. 1 Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 26 Share Posted July 26 There is one thing that I have tried to do a number of times and that is hide my email address. It may be hidden from everyone. I just cannot tell as there is no option when using my iPhone. I only use my iPhone for Wire access. I am sure with the new changes this will not be an issue. The email, I mean. Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 26 Share Posted July 26 18 minutes ago, Pat Riot said: There is one thing that I have tried to do a number of times and that is hide my email address. It may be hidden from everyone. I just cannot tell as there is no option when using my iPhone. I only use my iPhone for Wire access. I am sure with the new changes this will not be an issue. The email, I mean. See your PM from me. 1 Quote Link to comment Share on other sites More sharing options...
The Original Lumpy Gritz Posted July 26 Share Posted July 26 4 hours ago, Eliphalet R. Moderator said: This is a good idea. Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc... We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password. What about the folks(like ME)that can't remember their password for this site? 2 Quote Link to comment Share on other sites More sharing options...
Subdeacon Joe Posted July 26 Share Posted July 26 8 minutes ago, The Original Lumpy Gritz said: What about the folks(like ME)that can't remember their password for this site? In the Settings for your browser there should be "Password Manager." You ought to be able to find it there. Next, create a spreadsheet for all your passwords and populate it with all your passwords. Then, find a list of obsolete European cartridges and pick something like 11.15mm x 36R Fruhwirth and change it to 11_15mmX36RFruhw1rth, change your password and enter the new one into your spreadsheet. 2 1 Quote Link to comment Share on other sites More sharing options...
The Original Lumpy Gritz Posted July 26 Share Posted July 26 1 minute ago, Subdeacon Joe said: In the Settings for your browser there should be "Password Manager." You ought to be able to find it there. Next, create a spreadsheet for all your passwords and populate it with all your passwords. Then, find a list of obsolete European cartridges and pick something like 11.15mm x 36R Fruhwirth and change it to 11_15mmX36RFruhw1rth, change your password and enter the new one into your spreadsheet. I only speak fluent cowboy. Don't have a clue about the language you are using. 2 2 Quote Link to comment Share on other sites More sharing options...
Subdeacon Joe Posted July 26 Share Posted July 26 2 minutes ago, The Original Lumpy Gritz said: I only speak fluent cowboy. Don't have a clue about the language you are using. Well, you should understand "Browser" and "Settings" and "Password Manager." Other than that, "create a list of your sites and passwords" Do it in Word and I think you can sort alphabetically. As to the list of obsolete cartridges, here are some possible sources. From the site on which I found the example. I put the sources in Bold: 3. Each cartridge in the list is followed by initials referring to a published source whose description may be accepted as the norm for each round. These are as follows B – “Cartridges of the World”, by Barnes D – “Cartridges for Collectors”, by Datig (three vols) ECRA-“European Cartridge Research Association Data Viewer” E&B – “Manual of Pistol and Revolver Cartridges”, by Erlmeier and Brandt H – “The History and Development of Small Arms Ammunition”, by Hoyem (volumes two and three) Hu –“Military Rifle and Machine Gun Cartridges”, by Huon W&M – “Pistol and Revolver Cartridges”, by White & Munhall, single volume edition by Bearse. 1 Quote Link to comment Share on other sites More sharing options...
Eyesa Horg Posted July 26 Share Posted July 26 Not for nothing, but since Misty posted this to start with and it happens in a just a few days,it would be nice if she answered some of our questions and concerns. What happens to folks that are on only once in a blue moon, are they no longer able to access the site? I'm thinking this is going to cause more pain and grief than it's going to solve. I know like some have said, I hope I can find my password!! I've been logged in for years and have no idea what I used!! 1 1 Quote Link to comment Share on other sites More sharing options...
Black Angus McPherson Posted July 26 Share Posted July 26 29 minutes ago, Subdeacon Joe said: Well, you should understand "Browser" and "Settings" and "Password Manager." I understand the words. I have no idea how to use any of them. Angus 3 Quote Link to comment Share on other sites More sharing options...
Subdeacon Joe Posted July 26 Share Posted July 26 Open the browser tap on the 3 dots in the corner That will bring up a menu (i couldn't get a screenshot) in which one of the choices us Settings. Click on that and 1 Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 26 Share Posted July 26 2 2 Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 26 Share Posted July 26 That last line of the comic says a lot. THROUGH 20 YEARS OF EFFORT, WE'VE SUCCESSFULLY TRAINED EVERYONE TO USE PASSWORDS THAT ARE HARD FOR HUMANS TO REMEMBER, BUT EASY FOR COMPUTERS TO GUESS. I recall the military format that a lot of government agencies went to back in the mid 00’s. That was utterly annoying. At least 12 characters, using capitals, lower case, symbols and numbers and no repetitive characters and no using partial passwords from prior months. I found a workaround. When I forgot my password…Again 1. I called IT for a reset password. 2. I entered it then never logged out. 3. At the first of the month all passwords auto reset. See step 1. I did this for months until they figured me out. 2 1 Quote Link to comment Share on other sites More sharing options...
Rye Miles #13621 Posted July 26 Share Posted July 26 Okay just changed my password, now what's next? Anyone?? Quote Link to comment Share on other sites More sharing options...
Subdeacon Joe Posted July 26 Share Posted July 26 51 minutes ago, Rye Miles #13621 said: Okay just changed my password, now what's next? Anyone?? Go to the pinned post on The Wire. 1 Quote Link to comment Share on other sites More sharing options...
Rye Miles #13621 Posted July 26 Share Posted July 26 30 minutes ago, Subdeacon Joe said: Go to the pinned post on The Wire. I did and I really got confused, there's not much info to tell you about the 2 FA. Oh well I gotta go now. I'll be back later. Quote Link to comment Share on other sites More sharing options...
Subdeacon Joe Posted July 26 Share Posted July 26 36 minutes ago, Rye Miles #13621 said: I did and I really got confused, there's not much info to tell you about the 2 FA. Oh well I gotta go now. I'll be back later. Basically, change your password then wait for the rollout of the 2 step verification thing. 3 Quote Link to comment Share on other sites More sharing options...
Father Kit Cool Gun Garth Posted July 26 Share Posted July 26 1 2 Quote Link to comment Share on other sites More sharing options...
Larsen E. Pettifogger, SASS #32933 Posted July 30 Share Posted July 30 Looks like the deadline has come and gone and nothing happened. Sort of like waiting for Y2K. 1 2 Quote Link to comment Share on other sites More sharing options...
John Kloehr Posted July 30 Share Posted July 30 13 hours ago, Larsen E. Pettifogger, SASS #32933 said: Looks like the deadline has come and gone and nothing happened. Sort of like waiting for Y2K. The only Y2K glitch I actually ran into was in 1999, a few months before the new year. Got a letter from a credit card company telling me to be on the lookout for a new card. They needed to issue a new one because the old one was going to expire in 1902. I made a lot of money in Y2K prep, mostly legitimate things, some of the jobs were silly. For instance patching printer software because the self-test printout would have a 19xx date. The display was fine, the built-in calendar was fine, just the self-test sheet was wrong and those all went directly to a recycle bin. Quote Link to comment Share on other sites More sharing options...
Linn Keller, SASS 27332, BOLD 103 Posted July 30 Share Posted July 30 Our local hardware store had more Amish lamps than they'd intended to order. The boss grabbed a sharpie and an index card and taped a new notice above the oil lamp display: "GUARANTEED Y2K COMPLIANT!" Sold out in two days. 9 Quote Link to comment Share on other sites More sharing options...
Pat Riot Posted July 31 Share Posted July 31 I have a question for @Eliphalet R. Moderator Actually 2 questions. 1. I haven’t had to log on yet with the new system. Is it not implemented? 2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor? When submitting one post after another the system merges them if done within what I consider to be a random amount of time. Also, when this occurs if you edit the post that was merged you literally have to leave that page then return to post the second post. It’s 2024, not 1996. The forum provider / contractor should be reminded of that. I can post GIFs and videos which in 1996 was impossible due to bandwidth and very limited internet speeds. I think here in 2024 the contractor might be able to update their system with little effort. 1 2 Quote Link to comment Share on other sites More sharing options...
Father Kit Cool Gun Garth Posted July 31 Share Posted July 31 1 hour ago, Pat Riot said: I have a question for @Eliphalet R. Moderator 2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor? When submitting one post after another the system merges them if done within what I consider to be a random amount of time. Thanks for asking that question. My work around has been to make my first post, submit it, then go into another Thread, merely entering it, then exit and go back to the original Thread to post your next entry. Cumbersome, but eliminates not knowing how long to wait before submitting the next post. Quote Link to comment Share on other sites More sharing options...
Eliphalet R. Moderator Posted July 31 Author Share Posted July 31 2 hours ago, Pat Riot said: I have a question for @Eliphalet R. Moderator Actually 2 questions. 1. I haven’t had to log on yet with the new system. Is it not implemented? 2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor? When submitting one post after another the system merges them if done within what I consider to be a random amount of time. Also, when this occurs if you edit the post that was merged you literally have to leave that page then return to post the second post. It’s 2024, not 1996. The forum provider / contractor should be reminded of that. I can post GIFs and videos which in 1996 was impossible due to bandwidth and very limited internet speeds. I think here in 2024 the contractor might be able to update their system with little effort. Seems not to have been implemented yet. I'll forward your info on automatic merge. I never experienced it so thank you for describing it. 3 Quote Link to comment Share on other sites More sharing options...
Misty Moonshine Posted July 31 Share Posted July 31 On 7/25/2024 at 8:59 PM, Eyesa Horg said: Not for nothing, but since Misty posted this to start with and it happens in a just a few days,it would be nice if she answered some of our questions and concerns. What happens to folks that are on only once in a blue moon, are they no longer able to access the site? I'm thinking this is going to cause more pain and grief than it's going to solve. I know like some have said, I hope I can find my password!! I've been logged in for years and have no idea what I used!! We are happy to help you reset your password if you find you have trouble with "Forgot password" option to log into the Forum. Once you meet the new minimum password requirements you'll be in and it'll be like nothing ever even happened. I apologize for not more closely monitoring this post and answering your questions and concerns in a more timely manner. Misty 1 2 Quote Link to comment Share on other sites More sharing options...
Eyesa Horg Posted July 31 Share Posted July 31 No worries Misty, thank you! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.