Complex Passwords?

[Thomasss]

For some having complex passwords is like, a must, and with softwares coming with the option to require complex passwords (like a symbol and capital letter somewhere in the password) I am curious to see how many of you guys require complex passwords? 😱

I require complex passwords for all my staff, and I actually reset them once a month. Staff accounts are targeted more and well, for obvious reasons, so I like to know my staff don't have passwords like 12345 and what not, and be a security issue later down the road. 😛

 

[Nebulous]

I have complex 30+ character passwords and a unique one for each forum/website I visit.

I've been a member of a few forums that got hacked. The hackers downloaded/stole the database. If this happens at any forum you visit, a hacker can decrypt your hashed password and use it to login to your other accounts around the web (if you use the same password everywhere).

Best to have a different password for each forum you visit because if one gets compromised, you'll have nothing to worry about.

 

[RH-Calvin]

A complex password can be anything with a capital letter in between and using special characters like #@$ and so on.

 

[THF_Martin]

I personally use complex passwords myself, I don't require them for members accounts on my forum, but am adamant that staff members use complex passwords themselves.

 

[Nebulous]

I have complex 30+ character passwords and a unique one for each forum/website I visit.

I've been a member of a few forums that got hacked. The hackers downloaded/stole the database. If this happens at any forum you visit, a hacker can decrypt your hashed password and use it to login to your other accounts around the web (if you use the same password everywhere).

Best to have a different password for each forum you visit because if one gets compromised, you'll have nothing to worry about.

To add onto that, anyone can make a forum, even dishonest people. A corrupt admin possibly decrypt your hashed password as well. You can never be too careful when it comes to password security. Using a long/complex one will make it harder for someone to decode it and using a unique one for each site you visit will make it useless to the person who gets their hands on it.

 

[Ash]

I don't use complex passwords unless the site recommends me to. I like using my own passwords and I hate those sites that have complex password requirements as I have to change the password from my normal one which is annoying as I have to remember them

 

[Cierra]

I require them for my staff after we had a hacking incident a while ago, but I don't have complex passwords turned on (I'm using MyBB). I hope members have a complex/secure password but can't guarantee it of course.

 

[Thomasss]

I have complex 30+ character passwords and a unique one for each forum/website I visit.

I've been a member of a few forums that got hacked. The hackers downloaded/stole the database. If this happens at any forum you visit, a hacker can decrypt your hashed password and use it to login to your other accounts around the web (if you use the same password everywhere).

Best to have a different password for each forum you visit because if one gets compromised, you'll have nothing to worry about.

To add onto that, anyone can make a forum, even dishonest people. A corrupt admin possibly decrypt your hashed password as well. You can never be too careful when it comes to password security. Using a long/complex one will make it harder for someone to decode it and using a unique one for each site you visit will make it useless to the person who gets their hands on it.

I honestly never thought about that. 😱

I am curious however, what software do you use to keep track of those passwords? And furthermore, is that software reliable?

 

[Creaky]

I use complex password all the time, working in IT it's something you get used to using.

 

[Mikaya]

I always use complex passwords for my forum accounts/email/IM (with numbers/symbols/caps) Because it does help against hackers. Being hacked can be a terrible experience for a victim. 🙁

 

[Cosmic]

If you want your password to be unbreakably secure, just hit the - key about 20 times after you type in your password. 😛

For example, assume your password is "ilovekfc1234"

Change your password to "ilovekfc1234------------------"

This is called a password haystack. Here is more info on why it's a good idea: https://www.grc.com/haystack.htm

 

[ddoesmc]

I do require secure passwords for staff, however, I don't mind what members use as their responsible for their account.

 

[Obsidian]

I think using alternate characters that look like the original character helps:

Look
10O€

Both look relatively the same though the second is a lot more secure, plus as a hint you could write: look and the person trying to gain entry wouldn't get it though you would 🙂

 

[JohnyAF]

for me, it should be as easy as it could be, but still need something special that only that member knows. no need tobe complex. Short, easy, but no one else can guess. That's the key!

 

[Zion]

Using a complex password is a no-brainer for those of us that are knowledgeable in the world of cyber security. All passwords can be compromised, but you can definitely make it a lot easier with a basic password, or a lot harder with a complex password, to crack the code. Make the hackers work hard at it, that way it's less likely you will fall victim to a compromised account.

 

[KnownSyntax]

I let those know that they should have a complex system (and that if there were a breach that I would alert everyone and force a change of password), however I do not proactively make users have complex passwords on registration or password change.

 

[IvanN]

More safe, isn't it?

 

[John Adam]

Heh heh, I don't think so. A complex password doesn't mean it can't be hacked.
For me, I've joint the www for more than 10 years with many type of account: game, bank, forum, webmaster ... and my pass is still very simple, easy to remember but very hard to guest.

 

[Allenafaith]

I always use a complex password just to be safe. I know it can still be hacked, but it'll at least make it harder for them to do so.