What are the Password Requirements?
Is there any point in having a very strict and secure password requirement policy on a site like this where obtaining someone elses password really isn´t going to help you very much.

It won´t let me change to a password of six characters with a mixture of letters and numbers.

Thanks,
Ben

The issue with passwords is the fact that it protects not only the end user but other users and stops harvesting of email addresses.. Another issue, is when you are on the forum, you are not just on the web but on one of Steve's servers so he has too protect his own interest as well.
in my opinion you can never be to secure in thie electronic day and age

Robin

Hi Ben,

The password requirement are this: minimum 7 characters. There is no requirement for numeric values in the password.

As Robin mentioned, I do need to maintain a level of security to protect my own servers and users, but the 7 character minimum is a DNN default.

7 letters being the default seems strange to me, as in my experience 6 letters minimum is standard on the internet for this type of site (ie not internet banking etc). It's just annoying when you have a standard password for these sites, not to be able to use it. I would like to recommend just a 6 letter minumum password just for the convenience of your users.

Cheers,
Ben

Hi Ben,
The 7 Letter minimum is actually the default setting. I could enable the requirement of alpha-numeric, but I chose not to. I will take your recommendation under advisement.

Hi Steve,

I realise it is the default, I just think it is a bit strange for a default! The alpha numeric thing i don't mind so much (if it were to be enforced) because that is fairly standard as well for many internet passwords.

Don't get me wrong, it isn't a life and death matter and I know you have far more important things to talk about and do, as do I, but it would be slightly more convenient for me if the minumum were shortened to six!

Have a very happy new year!

Ben

I am amazed that people are still questioning password security Windows 2003 server by default makes you use 7 charaters minimum plus with a combination of numbers letters in both lower and upper case, plus other restrictions as follows:

Password history, select the Define this policy setting check box, set the value of Keep password history to 24,
Maximum password age, select the Define this policy setting check box, set the value of Password will expire in to 42,
Minimum password age, set the value of Password can be changed after to 1.
Minimum password length, select the Define this policy setting check box, set the value of Password must be at least to 7,
Password must meet complexity requirements, select the Define this policy setting in the template check box,
Store passwords using reversible encryption


With this in mind Steves password requirements are pretty weak and easy going, see links belwo for further info..

http://www.microsoft.com/technet/pr...rngpw.mspx

Robin

Another solution for Ben would be for him too change all of his other passwords to 7 characters so that they are in line with the one he has to use with Argo??

My passwords as a minimum are always 8 chararcters or more

Robin