Results 1 to 11 of 11
Does anyone know a HTML code for doing a password for you site? Forum: HTML ForumReplies: 1
log in and password code Forum: Website Scripts ForumReplies: 7
11-02-2004, 02:09 PM #1
Booted because site objected to my password
I wonder if you've ever heard of a situation like this... I registered for free access to a website. The next day my registration was no longer valid. I sent an email to customer service ("cs").
It turns out "cs" (I assume the site owner) was offended by my password. Not my user name, my password! He/she ended their email "get lost".
Granted, my password *was* offensive, but I wrongly assumed it was private.
What are your thoughts on this? Of course I'll never go back to that site, but part of me is itching to bust the guy for unethical behavior.
Any guidance would be appreciated. Thanks.
Last edited by Lars; 11-02-2004 at 02:29 PM.
11-02-2004, 06:52 PM #2
To be honest, if its for a free service then there is not much you can do. Have you checked the Terms Of Service?
11-02-2004, 07:55 PM #3
Count your blessings!! It is better than being a member and not knowing the idiot is watching your passwords.
11-03-2004, 09:51 AM #4
Thanks, yes, I'm glad to be away from that site.
I guess my real question is whether anyone here -- any of you webmaster-types -- have access to people's passwords, and/or look at them?
In my organization, no one looks at passwords. Ever. If a user forgets a password, for example, we don't ever re-send it -- we just delete it and send them a random, temporary new one. They then log on and change the password to whatever they want.
11-03-2004, 09:53 AM #5
If I have to store a password, it gets md5 hashed. One-way only.
11-03-2004, 10:22 AM #6
In VBulletin 3 the passwords are md5 hashed.
11-28-2004, 08:09 PM #7
Most sites should encrypt passwords for storage. However, many sites are built by people with little or no knowledge of security. Even though vb3 uses md5 to encrypt the pass, it wouldn't take long to un encrypt the password give that you know how it was encrypted in the first place.
I am often worried about username and passwords. Many people, out of habbit, use the same password on everything they do. Wither it's a forum or their bank account. This is very bad practice. Also few sites use an ssl (even a self signed ssl) for the login. Though even when they do, there is no gaurantee that your details are stored properly once they are on the server. As far as you know you credit card and personal info could be printed hardcopy and sitting in someones filing cabnet.
I hope you are now changing your passwords cause now i know it's a rude word it wouldn't take me long to crack your login. It's not like there are that many rude words to try out.
11-28-2004, 08:11 PM #8
A hash (like md5) is not the same as encryption. A hash is one-way only, and cannot be de-crypted. It can, however, be 'brute-forced' but this obviously takes a long long time.
Encryption is useful for things like emails and documents. Passwords should be hashed.
12-12-2004, 05:26 AM #9
How should people stored there passwords
I was wondering if anyone had any thought on the methods of storing passwords should people just use an office supply that they can easily remember but is easy for hackers ect to just guess, or should be have very complicated passwords but write them down and risk the consequences if our home is broken into or use one of these "store your password safely on your pc programs" i even think norton make one of these programs, but just what if someone somehow got into this data ... then what so I ask how should people store there password
(I no this isnt exactly html but is to do with web hosing passwords ect and is very related the other posts in this thread)
06-17-2005, 05:16 AM #10
Re: Booted because site objected to my password!Originally Posted by Rincewind
fortune-500 company, that handled telecommunications.
I was in a fairly sensitive department (this was a few years ago), and we used to handle credit card numbers, and addresses. These were printed out daily in large quantities and attached with one big looseleaf binder ring.
I and others, would have to go over them and sign each one in addition to a heavy workload. It was impossible to get through them all, so we were instructed to "just leave them on the window-sill". They just kept piling up over the months, until they were stacked at least knee high all over the floor.
This was a room that was not locked.
No, I would not assume that my information is very safe.
02-24-2007, 01:49 AM #11
Re: Booted because site objected to my password!
Not in a million years would I go back to that site!
Anything that can be seen by the entire forum should be moderated, like your user name, where you live, etc.. A password is private and should not be known by anyone, even a supermod.
I'm a mod at another forum and cannot see anyone's password, nor can my "boss" see mine. By the way, it is a vBulletin as well