General rant about online accounts and password restrictions :P

[papajo]

I know that this wont lead to anything other than having you telling your opinion about it but I still wonder why the situation is like it is. 

 

I am sick and tired by those "minimum safety requirements" each time I make an account (especially if it will be an one time use in a "who cares" webpage that I plan to use only once a year or a couple of times, or in an alt alt email account) 

 

Like let me choose my password it is my account and thus my liability, just warn that by using a password that doesn't include a cap or a symbol or is atleast 10 digits long and has pixies and fairies on it that my account is in danger of getting easily compromised and that it is most likely that it will, let me click on "I understand and still want to use this password" and let me get on with my life. 

 

Actually scratch what I said above being irritated when this happens to "who cares" websites it is even more irritating when it happens to services I actually plan to use regularly like I dont want to change my way of thinking of passwords is how I remember them dont tell me that e.g "the password contains a known word or is too similar with your username" or  8 digits are not enough FU I want to have 8 digits and take the risk what is it for you? 

 

I think that our basic freedoms are violated when we cant choose our own passwords. 

 

Or the other scheme were they have you change your password to a new one every now and then... WTF I dont want to! 

 

Is it risky? ok just pop up a window informing me about the serious risk and let me chose if I want to comply and change my pass to a stronger or have it as is because I YOLO! It is my account my data my risk. I would even agree if they told that no attempt would be made to restore my account or refund transactions if I don't agree to change my password and get hacked. . 

 

 

Am I the only one who's gears get ground when this happens?

 

[minibois]

1 minute ago, papajo said:

let me choose my password it is my account and thus my liability

except the user - like you - will complain to the company once you're 'hacked', meaning the requirements they set for making a password help both you and themselves too, through having less silly customer service tickets.

 

I thought this thread would be the other way around. websites having 'maximum' requirements on passwords.

for example, a website I recently made an account for has a max character limit on passwords of 20. wut?? that's quite short.

that is not even the worst though they also don't allow for many special characters, but do not mention this! they only - on the next step - mention "there is something wrong". I had to find some forum post, where someone mentioned illegal characters in a password.

 

that makes it even worse. first they have a low character limit and then you can't even make your password complicated and are basically restricted to:

- lower case letters

- upper case letters

- numbers

- couple special character (?,!, - and _ if I recall correctly)

 

 

[papajo]

4 minutes ago, minibois said:

except the user - like you - will complain to the company once you're 'hacked',

I already mentioned that:

10 minutes ago, papajo said:

I would even agree if they told that no attempt would be made to restore my account or refund transactions if I don't agree to change my password and get hacked. . 

-----------------------------

4 minutes ago, minibois said:

hey also don't allow for many special characters, but do not mention this! they only - on the next step - mention "there is something wrong". I had to find some forum post, where someone mentioned illegal characters in a password.

yea I forgot about that! That grinds my gears as well! it is my Password let me choose the symbols! Especially if you want it with specifically more than X chars two of them caps three of them numbers and all that BS !!! 

[Morrie Sells Wigs]

12 minutes ago, papajo said:

I know that this wont lead to anything other than having you telling your opinion about it but I still wonder why the situation is like it is. 

 

I am sick and tired by those "minimum safety requirements" each time I make an account (especially if it will be an one time use in a "who cares" webpage that I plan to use only once a year or a couple of times, or in an alt alt email account) 

 

Like let me choose my password it is my account and thus my liability, just warn that by using a password that doesn't include a cap or a symbol or is atleast 10 digits long and has pixies and fairies on it that my account is in danger of getting easily compromised and that it is most likely that it will, let me click on "I understand and still want to use this password" and let me get on with my life. 

 

Actually scratch what I said above being irritated when this happens to "who cares" websites it is even more irritating when it happens to services I actually plan to use regularly like I dont want to change my way of thinking of passwords is how I remember them dont tell me that e.g "the password contains a known word or is too similar with your username" or  8 digits are not enough FU I want to have 8 digits and take the risk what is it for you? 

 

I think that our basic freedoms are violated when we cant choose our own passwords. 

 

Or the other scheme were they have you change your password to a new one every now and then... WTF I dont want to! 

 

Is it risky? ok just pop up a window informing me about the serious risk and let me chose if I want to comply and change my pass to a stronger or have it as is because I YOLO! It is my account my data my risk. I would even agree if they told that no attempt would be made to restore my account or refund transactions if I don't agree to change my password and get hacked. . 

 

 

Am I the only one who's gears get ground when this happens?

 

Don't talk to me about passwords!!!!

 

That's the biggest pain in the backside I've had since getting into pc gaming last year.

 

Previously, I gamed exclusively on the ps4 pro - which meant one marketplace/store and one email and password combination for my Sony account. 

Currently, on pc, I have had to make accounts for Steam, GoG, Ubisoft store, Blizzard store, Epic Store, Origin, Nvidia, Intel, as well as the windows account and game pass.

 

I've also made sure each one has a unique password and 2 step verification. 

It's impossible to memorise all that so I've had to get a small notebook and write them down.

Which is good in one way, as not having to memorise them means I can make the passwords as obscure and random as possible. 

 

It's definitely something that needs refining, and I totally agree with your sentiment regarding choice etc...

[XR6]

18 minutes ago, papajo said:

Am I the only one who's gears get ground when this happens?

I don't know, but this doesn't annoy me.

I'm bad at remembering passwords so I use a password manager. I just have to remember one master password and the password manager handles the rest.

 

Quote

I think that our basic freedoms are violated when we cant choose our own passwords. 

IMO this is ridiculous. Minimum requirements exist to keep your account safe, not to violate your freedoms.

[minibois]

2 minutes ago, papajo said:

I already mentioned that:

11 minutes ago, papajo said:

I would even agree if they told that no attempt would be made to restore my account or refund transactions if I don't agree to change my password and get hacked. . 

-----------------------------

That will stand just as well in court as TOS, AKA: not.

 

Plus, that is ignoring the fact that:

a. people will still complain (and say "nuh-uh, I didn't agree to being allowed to hack!!"

b. it can still ignore the company's reputation ("wow, have you seen how often company X users gets hacked?!")

c. this will give the users a lot more text to read through, which they won't (which is sort of that TOS point)

[Blue4130]

12 minutes ago, papajo said:

 

I think that our basic freedoms are violated when we cant choose our own passwords

What country do you live in that this is baked into your charter of rights and freedoms?

[papajo]

3 minutes ago, Blue4130 said:

What country do you live in that this is baked into your charter of rights and freedoms?

Every country in the world wouldn't allow that in things more comprehensible to the old folks that made said laws. 

 

Imagine being forced to use particular types of locks/keys for your house door and not the one of your choosing. 

[Middcore]

3 minutes ago, Blue4130 said:

What country do you live in that this is baked into your charter of rights and freedoms?

 

Everyone has the basic freedom not to use a product they dislike... even if they dislike it over something as trivial as the company trying to protect you from yourself by requiring a decent password.

[Lurick]

4 minutes ago, papajo said:

Imagine being forced to use particular types of locks/keys for your house door and not the one of your choosing. 

You mean imagine being told to use secure locks as opposed to none because "freedomz"

[papajo]

2 minutes ago, Middcore said:

Everyone has the basic freedom not to use a product they dislike... even if they dislike it over something as trivial as the company trying to protect you from yourself by requiring a decent password.

Not when this is a norm(everybody has the same stupid system in a greater or less degree)/monopoly(there isnt any similar webpage and/or service) 

 

Then you have to. 

 

 

[Blue4130]

2 minutes ago, Middcore said:

 

Everyone has the basic freedom not to use a product they dislike... even if they dislike it over something as trivial as the company trying to protect you from yourself by requiring a decent password.

Sure, and in that case, his rights are not violated. No one is forcing him to use these services. They are not essential to life, therefore he has the option to not use them. They can choose any password requirements that they want, without violation of his "basic freedoms" 

[papajo]

Just now, Lurick said:

You mean imagine being told to use secure locks as opposed to none because "freedomz"

No i mean being forced to use a particular kind of lock or a minimum number of them. 

 

On a lock with combinations not being able to use my birthday or 11111111 

 

And if  I want I can choose also to have 0 locks 

 

or 101 locks 

 

The point is that nobody forces me it is up to me

[Blue4130]

Just now, papajo said:

No i mean being forced to use a particular kind of lock or a minimum number of them. 

 

On a lock with combinations not being able to use my birthday or 11111111 

 

And if  I want I can choose also to have 0 locks 

 

or 101 locks 

 

The point is that nobody forces me it is up to me

Just don't use their service if you don't like their requirements. Pretty simple solution. 

[papajo]

1 minute ago, Blue4130 said:

Sure, and in that case, his rights are not violated. No one is forcing him to use these services. They are not essential to life, therefore he has the option to not use them. They can choose any password requirements that they want, without violation of his "basic freedoms" 

People thinking like that could just live in a dictatorship without any issue north Korea would be a nice destination for your next summer vocations  

[Middcore]

Just now, Lurick said:

You mean imagine being told to use secure locks as opposed to none because "freedomz"

 

To my knowledge there is no place that has a law requiring you to have a lock on your home's door... because if somebody walks right in and takes all your stuff, well, they haven't really hurt anybody but you. Your home, your foolishness, your problem.

 

Since in creating an online account on some website, you're entering into a contract of sorts to use a product owned by somebody else... and since your account can potentially create a big headache for the owners, if not actually a financial loss... they can impose whatever security requirements they want. So his analogy is poor. 

 

1 minute ago, Blue4130 said:

Sure, and in that case, his rights are not violated. No one is forcing him to use these services. They are not essential to life, therefore he has the option to not use them. They can choose any password requirements that they want, without violation of his "basic freedoms" 

 

I fully agree. I'm just poking fun at this idea, so common these days, that "basic freedoms" ("my first amendment rights" is one you often see people cite in the US) apply in a contract between private parties they can freely choose whether or not to enter into. 

[papajo]

Just now, Blue4130 said:

Just don't use their service if you don't like their requirements. Pretty simple solution. 

It is not one single instance it is the NORM everybody does that.

 

Should I stop using the internet because of that? 

[Middcore]

Just now, papajo said:

People thinking like that could just live in a dictatorship without any issue north Korea would be a nice destination for your next summer vocations  

I suggest you read accounts of what life is actually like in North Korea from people unfortunate enough to have lived there. "A River in Darkness" by Masaji Ishikawa is a good start. Once you have I doubt you will make such flippant comparisons again.

[papajo]

1 minute ago, Middcore said:

To my knowledge there is no place that has a law requiring you to have a lock on your home's door... because if somebody walks right in and takes all your stuff, well, they haven't really hurt anybody but you. Your home, your foolishness, your problem.

Exactly same as my account my problem you get it m8! 

[Lurick]

Just now, Middcore said:

Since in creating an online account on some website, you're entering into a contract of sorts to use a product owned by somebody else... and since your account can potentially create a big headache for the owners, if not actually a financial loss... they can impose whatever security requirements they want. So his analogy is poor.

Exactly, if thousands of users make passwords of "password" and the site is attacked and thousands of accounts are compromised because of it then who's to blame because they gave users the easy option.

[XR6]

Just now, papajo said:

It is not one single instance it is the NORM everybody does that.

 

Should I stop using the internet because of that? 

No, just use a password manager or a password that isn't password123. Problem solved.

[Blue4130]

1 minute ago, papajo said:

It is not one single instance it is the NORM everybody does that.

 

Should I stop using the internet because of that? 

Yes, please. 

[Ashleyyyy]

3 minutes ago, papajo said:

Should I stop using the internet because of that? 

yes

[For Science!]

At one of my past work places, we had to change our password every 3 months, and also were not allowed to recycle old passwords. In the end, people just ended up either incrementing their old passwords (e.g. password1, password2, password3, password4). Or actually having to jot their current password on a notepad somewhere, which I guess defeats the purpose of keeping them.

[papajo]

2 minutes ago, Middcore said:

I suggest you read accounts of what life is actually like in North Korea from people unfortunate enough to have lived there. "A River in Darkness" by Masaji Ishikawa is a good start. Once you have I doubt you will make such flippant comparisons again.

That's my point Kim Jong-un would say (as people here say you have options it is your decision) that he gives them options, to live in a city or in the village, to go to the mall, to get a computer or to leave Korea if they dont like to !!! See everything is simple it is their decision nobody forces them to suffer like they do!