Password too common


#1

It’s very kind to warn users that their password choice may be too common but to prevent a user from signing up for a common password is simply ludicrous!

Please amend the sign-up process to provide the ‘password too common’ as a warning instead of a mandatory requirement. So as to eliminate the need for users to reset their password every single time they choose to login because they happen to use their own password algorithms that happen not to fit into this sites strict validation rules.


#2

Hey @pullvius,

Will check the settings to see what options exists and write back. However, we might still prefer to keep this option on, since well… it should be more secure this way :wink:

Regards,
Venelin
co-founder of myPoli :slightly_smiling_face:


#3

Of course I wholeheartedly agree that security is important for a lot of users who don’t have their own security solutions, but have noticed recently in the market, some lower security apps/sites are being what I would class as extremely over zealous.

Having the standard minimum 8 characters of a combination of numbers and upper and lowercase letters is sufficient for most apps as that would take a very determined hacker with collosal computing power and several decades to crack. And that’s aside from the fact that anyone that way inclined would ever want to target a user of a forum in that way.

With the market so saturated and uses increasingly fickle in their decisions, I think it is important to operate within the boundaries of acceptability for the majority. In my case, if an app/site prevents me from choosing a password because it doesn’t like a repetition of characters or insists on a symbol, then I generally find an alternative app as simply do not have the time to reset my passwords every single time I login.

Not the end of the world, but just useful feedback when it comes to a login password for a simple forum.

Hope that helps and that you enjoy the rest of your weekend.

P


#4

Just to bump this- had to log in again and was understandably very frustrated again to be forced to have to reset my password once again due to the strict character sequence algorithm of non repetition.

Don’t use this sites much so not the end of the world, but if it were something that was quick and easy to change, would strongly recommend lowering the strict requirements of not allowing repetition in the password so as to prevent other users from the deep frustration of being dictated to and them consequently moving on to a different app.

Warmest regards,

P