Jump to content
SASS Wire Forum

SASS Wire Forum: Email Scams, Spam (not the good kind) & your Login password


Recommended Posts

18 minutes ago, Happy Jack, SASS #20451 said:

I'm not a computer guy so am I supposed to change my password before the big change or am I supposed to wait until the change???

+1  !!

Link to comment
Share on other sites

1 hour ago, Happy Jack, SASS #20451 said:

I'm not a computer guy so am I supposed to change my password before the big change or am I supposed to wait until the change???

 

1 hour ago, Eyesa Horg said:

+1  !!

I would change it now and if required at the update. 
I did and will. 
This time I chose to use the Apple recommended “Strong” password. It’s 20 characters. Hope I don’t lose my phone. I’d never remember it. :lol:

  • Thanks 1
Link to comment
Share on other sites

2 hours ago, Pat Riot said:

 

I would change it now and if required at the update. 
I did and will. 
This time I chose to use the Apple recommended “Strong” password. It’s 20 characters. Hope I don’t lose my phone. I’d never remember it. :lol:

 

This is a good idea.  Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc...

We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password.   

  • Like 3
Link to comment
Share on other sites

34 minutes ago, Eliphalet R. Moderator said:

 

This is a good idea.  Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc...

We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password.   


This should interest folks

 

How long does it take to crack various lengths of passwords?

 

https://tech.co/password-managers/how-long-hacker-crack-password

 

image.jpeg.7fc7ae5e62e95ff6107570553bbebb37.jpeg
 

 

 

  • Like 2
  • Thanks 2
Link to comment
Share on other sites

If the password file on a server is stolen. the hackers can work on it as they wish. The chart above assumes one cpu, but the hackers may have access to thousands of cpus, including the site they stole a password file from.

 

What the chart above shows is the best case average time to guess a password. Note that if a password file is not stolen, changing your password often changes nothing. A person is just as likely to choose a password which will be cracked sooner as well as later.

 

The reason to change passwords often is to make stolen password files worthless.

 

Two-factor authentication is another barrier to to a stolen password. It combines something you know (the password) with something you have (cell text number). Most 2FA (Two Factor Authentication) systems for consumers (basic bank accounts) using 2FA have an exception to recognize a browser as the second factor. So if using a public computer, the second factor is a code sent to your phone by text. If using your "trusted" home computer, the second factor is the browser. Every software update to the browser requires going through the text code one time and also checking a box at login to say "trust this browser."

 

So even if the password file is stolen, the hacker can not log in from a different untrusted browser. If they try, you get a text with a code for a login you are not attempting! Getting this code is therefore an alarm indicating someone is trying to log into your account.

 

So let's see what the 2FA rollout here is. Hopefully trusted browsers is part of it. I'm sure the staff here does not really know, none are security experts. What I am sure of is scammers have been working this forum. Mostly through finding email addresses of buyers and sellers whether here or in the wild; but having a valid sell number for each member is a possible impediment for rogue member accounts. Making the forum (or at least the Classified and Vendor sections) private to members only would also help. There is no reason for the world to read those.

  • Like 2
  • Thanks 1
Link to comment
Share on other sites

2 minutes ago, Red Gauntlet , SASS 60619 said:

I've never needed a password to come to this site. If I have one, I have no idea what it is.

I am getting the feeling there is going to be a massive drop in participation at the 2FA rollout...

  • Like 4
  • Sad 2
Link to comment
Share on other sites

Just looked at my account settings. 2FA better work with email addresses, my phone is not in my profile nor is there a place for it. This is different from all the banks. But eMail 2FA is used, which is a reason to not use the same password for different sites, particularly eMail.

Link to comment
Share on other sites

5 minutes ago, John Kloehr said:

I am getting the feeling there is going to be a massive drop in participation at the 2FA rollout...

I think folks will figure it out. I hope they do quickly. :D

  • Like 1
Link to comment
Share on other sites

There is one thing that I have tried to do a number of times and that is hide my email address. It may be hidden from everyone. I just cannot tell as there is no option when using my iPhone. I only use my iPhone for Wire access. 
 

I am sure with the new changes this will not be an issue. The email, I mean. 

Link to comment
Share on other sites

18 minutes ago, Pat Riot said:

There is one thing that I have tried to do a number of times and that is hide my email address. It may be hidden from everyone. I just cannot tell as there is no option when using my iPhone. I only use my iPhone for Wire access. 
 

I am sure with the new changes this will not be an issue. The email, I mean. 

See your PM from me.

  • Like 1
Link to comment
Share on other sites

4 hours ago, Eliphalet R. Moderator said:

 

This is a good idea.  Most "minimum" password requirements these days are at least 8 characters, with uppercase and lowercase letters, some numbers, and a character or two, like $&@!*+ etc...

We've had a lot of folks who only used their SASS number, or duplicated their username for their password, or used words like "password", "secret", "SASS" or some other easy password.   

What about the folks(like ME)that can't remember their password for this site?:(

  • Like 2
Link to comment
Share on other sites

8 minutes ago, The Original Lumpy Gritz said:

What about the folks(like ME)that can't remember their password for this site?:(

 

In the Settings for your browser there should be "Password Manager."  You ought to be able to find it there.

Next, create a spreadsheet for all your passwords and populate it with all your passwords.

Then, find a list of obsolete European cartridges and pick something like 
11.15mm x 36R Fruhwirth and change it to 11_15mmX36RFruhw1rth, change your password and enter the new one into your spreadsheet.

 

  • Haha 2
  • Sad 1
Link to comment
Share on other sites

1 minute ago, Subdeacon Joe said:

 

In the Settings for your browser there should be "Password Manager."  You ought to be able to find it there.

Next, create a spreadsheet for all your passwords and populate it with all your passwords.

Then, find a list of obsolete European cartridges and pick something like 
11.15mm x 36R Fruhwirth and change it to 11_15mmX36RFruhw1rth, change your password and enter the new one into your spreadsheet.

 

I only speak fluent cowboy. :wacko:

Don't have a clue about the language you are using. :lol:

  • Like 2
  • Haha 2
Link to comment
Share on other sites

2 minutes ago, The Original Lumpy Gritz said:

I only speak fluent cowboy. :wacko:

Don't have a clue about the language you are using. :lol:

 

Well, you should understand "Browser" and "Settings" and "Password Manager."  

Other than that, "create a list of your sites and passwords"  Do it in Word and I think you can sort alphabetically.

As to the list of obsolete cartridges, here are some possible sources.  From the site on which I found the example.  I put the sources in Bold:

 

3. Each cartridge in the list is followed by initials referring to a published source whose description may be accepted as the norm for each round. These are as follows

B – “Cartridges of the World”, by Barnes

 

D – “Cartridges for Collectors”, by Datig (three vols)

 

ECRA-“European Cartridge Research Association Data Viewer

 

E&B – “Manual of Pistol and Revolver Cartridges”, by Erlmeier and Brandt

 

H – “The History and Development of Small Arms Ammunition”, by Hoyem (volumes two and three)

 

Hu –“Military Rifle and Machine Gun Cartridges”, by Huon

 

W&M – “Pistol and Revolver Cartridges”, by White & Munhall, single volume edition by Bearse.

  • Like 1
Link to comment
Share on other sites

Not for nothing, but since Misty posted this to start with and it happens in a just a few days,it would be nice if she answered some of our questions and concerns. What happens to folks that are on only once in a blue moon, are they no longer able to access the site? I'm thinking this is going to cause more pain and grief than it's going to solve. I know like some have said, I hope I can find my password!! I've been logged in for years and have no idea what I used!!

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Open the browser 

Screenshot_20240725_183326_OneUIHome.thumb.jpg.30fa90e4c428f26f12deb244bbfba369.jpg

 

tap on the 3 dots in the corner 

Screenshot_20240725_182808_Chrome.thumb.jpg.78ecb76a8980ad7355b2a8bfbc1ad08a.jpg

 

That will bring up a menu (i couldn't get a screenshot) in which one of the choices us Settings.  Click on that and

Screenshot_20240725_182928_Chrome.thumb.jpg.4cac00ef9366fa9ad86ede2fb518f0c5.jpg

 

 

  • Like 1
Link to comment
Share on other sites

That last line of the comic says a lot. 
THROUGH 20 YEARS OF EFFORT, WE'VE SUCCESSFULLY TRAINED EVERYONE TO USE PASSWORDS THAT ARE HARD FOR HUMANS TO REMEMBER, BUT EASY FOR COMPUTERS TO GUESS.
 

I recall the military format that a lot of government agencies went to back in the mid 00’s. 
That was utterly annoying. At least 12 characters, using capitals, lower case, symbols and numbers and no repetitive characters and no using partial passwords from prior months. 

 

I found a workaround. When I forgot my password…Again

1. I called IT for a reset password. 
2. I entered it then never logged out. 
3. At the first of the month all passwords auto reset. See step 1.

I did this for months until they figured me out.  

 

  • Like 2
  • Haha 1
Link to comment
Share on other sites

Okay just changed my password, now what's next? Anyone??

Link to comment
Share on other sites

30 minutes ago, Subdeacon Joe said:

 

Go to the pinned post on The Wire.

I did and I really got confused, there's not much info to tell you about the 2 FA. Oh well I gotta go now. I'll be back later.

Link to comment
Share on other sites

36 minutes ago, Rye Miles #13621 said:

I did and I really got confused, there's not much info to tell you about the 2 FA. Oh well I gotta go now. I'll be back later.

 

Basically,  change your password then wait for the rollout of the 2 step verification thing. 

  • Thanks 3
Link to comment
Share on other sites

13 hours ago, Larsen E. Pettifogger, SASS #32933 said:

Looks like the deadline has come and gone and nothing happened.  Sort of like waiting for Y2K.

The only Y2K glitch I actually ran into was in 1999, a few months before the new year.

 

Got a letter from a credit card company telling me to be on the lookout for a new card. They needed to issue a new one because the old one was going to expire in 1902.

 

I made a lot of money in Y2K prep, mostly legitimate things, some of the jobs were silly. For instance patching printer software because the self-test printout would have a 19xx date. The display was fine, the built-in calendar was fine, just the self-test sheet was wrong and those all went directly to a recycle bin.

Link to comment
Share on other sites

Our local hardware store had more Amish lamps than they'd intended to order.

The boss grabbed a sharpie and an index card and taped a new notice above the oil lamp display:

"GUARANTEED Y2K COMPLIANT!"

Sold out in two days.

  • Haha 9
Link to comment
Share on other sites

I have a question for @Eliphalet R. Moderator

Actually 2 questions. 
 

1. I haven’t had to log on yet with the new system. Is it not implemented?

 

2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor?  
When submitting one post after another the system merges them if done within what I consider to be a random amount of time. Also, when this occurs if you edit the post that was merged you literally have to leave that page then return to post the second post. It’s 2024, not 1996. The forum provider / contractor should be reminded of that. 
I can post GIFs and videos which in 1996 was impossible due to bandwidth and very limited internet speeds. I think here in 2024 the contractor might be able to update their system with little effort. 

  • Like 1
  • Thanks 2
Link to comment
Share on other sites

1 hour ago, Pat Riot said:

I have a question for @Eliphalet R. Moderator

 

2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor?  
When submitting one post after another the system merges them if done within what I consider to be a random amount of time.

 

Thanks for asking that question.
My work around has been to make my first post, submit it, then go into another Thread, merely entering it, then exit and go back to the original Thread to post your next entry.
Cumbersome, but eliminates not knowing how long to wait before submitting the next post.

Link to comment
Share on other sites

2 hours ago, Pat Riot said:

I have a question for @Eliphalet R. Moderator

Actually 2 questions. 
 

1. I haven’t had to log on yet with the new system. Is it not implemented?

 

2. Is there any way to dump the annoying “merge” feature while we have the attention of the forum contractor?  
When submitting one post after another the system merges them if done within what I consider to be a random amount of time. Also, when this occurs if you edit the post that was merged you literally have to leave that page then return to post the second post. It’s 2024, not 1996. The forum provider / contractor should be reminded of that. 
I can post GIFs and videos which in 1996 was impossible due to bandwidth and very limited internet speeds. I think here in 2024 the contractor might be able to update their system with little effort. 

 

Seems not to have been implemented yet.

 

I'll forward your info on automatic merge.  I never experienced it so thank you for describing it.

  • Thanks 3
Link to comment
Share on other sites

On 7/25/2024 at 8:59 PM, Eyesa Horg said:

Not for nothing, but since Misty posted this to start with and it happens in a just a few days,it would be nice if she answered some of our questions and concerns. What happens to folks that are on only once in a blue moon, are they no longer able to access the site? I'm thinking this is going to cause more pain and grief than it's going to solve. I know like some have said, I hope I can find my password!! I've been logged in for years and have no idea what I used!!

We are happy to help you reset your password if you find you have trouble with "Forgot password" option to log into the Forum. Once you meet the new minimum password requirements you'll be in and it'll be like nothing ever even happened. 

 

I apologize for not more closely monitoring this post and answering your questions and concerns in a more timely manner. 

 

Misty

  • Like 1
  • Thanks 2
Link to comment
Share on other sites

No worries Misty, thank you!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.