PASSWORD Security

Discuss technical problems and features here
User avatar
rdearman
Site Admin
Posts: 7231
Joined: Thu May 14, 2015 4:18 pm
Location: United Kingdom
Languages: English (N)
Language Log: viewtopic.php?f=15&t=1836
x 23123
Contact:

PASSWORD Security

Postby rdearman » Sun Jul 23, 2017 8:17 pm

We've had some reports of people being locked out of their accounts because of "failed login attempts". We've taken the IP addresses of the person(s) attempting this, but just for security sake you might want to change your password to something completely random and not guessable. Because you can have your browser remember the password there isn't any need to make it easy to remember. You can get some very strong passwords on Random.org. Or https://www.generateurdemotdepasse.com/

I would suggest a password of 20 characters with mixed upper and lower-case, with digits. This will get you a very strong password, which isn't going to be in a dictionary.
8 x
: 0 / 150 Read 150 books in 2024

My YouTube Channel
The Autodidactic Podcast
My Author's Newsletter

I post on this forum with mobile devices, so excuse short msgs and typos.

User avatar
aokoye
Black Belt - 1st Dan
Posts: 1818
Joined: Sat Jul 18, 2015 6:14 pm
Location: Portland, OR
Languages: English (N), German (~C1), French (Intermediate), Japanese (N4), Swedish (beginner), Dutch (A2)
Language Log: https://forum.language-learners.org/vie ... 15&t=19262
x 3309
Contact:

Re: PASSWORD Security

Postby aokoye » Sun Jul 23, 2017 9:50 pm

Ugh I was wondering what was going on with this as I have been having this issue lately with my new phone that I've never logged in on. Thanks for keeping us all abreast and needless to say I'm happy the password I use for this website is almost totally unlike any of my other ones (I should be a bit better about password management though).
0 x
Prefered gender pronouns: Masculine

User avatar
MorkTheFiddle
Black Belt - 2nd Dan
Posts: 2113
Joined: Sat Jul 18, 2015 8:59 pm
Location: North Texas USA
Languages: English (N). Read (only) French and Spanish. Studying Ancient Greek. Studying a bit of Latin. Once studied Old Norse. Dabbled in Catalan, Provençal and Italian.
Language Log: https://forum.language-learners.org/vie ... 11#p133911
x 4823

Re: PASSWORD Security

Postby MorkTheFiddle » Sun Jul 23, 2017 10:59 pm

rdearman wrote:We've had some reports of people being locked out of their accounts because of "failed login attempts". We've taken the IP addresses of the person(s) attempting this, but just for security sake you might want to change your password to something completely random and not guessable. Because you can have your browser remember the password there isn't any need to make it easy to remember. You can get some very strong passwords on Random.org. Or https://www.generateurdemotdepasse.com/

I would suggest a password of 20 characters with mixed upper and lower-case, with digits. This will get you a very strong password, which isn't going to be in a dictionary.

For the record, I was one locked out of my account. Answering the security question let me in.
Also for the record, I changed my password, which was 55iwtbotiwtwot%% when I was challenged. I didn't use that password for any other site, and I use password management software.
0 x
Many things which are false are transmitted from book to book, and gain credit in the world. -- attributed to Samuel Johnson

User avatar
rdearman
Site Admin
Posts: 7231
Joined: Thu May 14, 2015 4:18 pm
Location: United Kingdom
Languages: English (N)
Language Log: viewtopic.php?f=15&t=1836
x 23123
Contact:

Re: PASSWORD Security

Postby rdearman » Sun Jul 23, 2017 11:12 pm

I must add, we don't think anyone's account was accessed just locked out because of someone attempting to get in.
2 x
: 0 / 150 Read 150 books in 2024

My YouTube Channel
The Autodidactic Podcast
My Author's Newsletter

I post on this forum with mobile devices, so excuse short msgs and typos.

User avatar
arthaey
Brown Belt
Posts: 1080
Joined: Sat Jul 18, 2015 9:11 pm
Location: Seattle, WA, USA
Languages: :
EN (native);
ES (adv receptive, int productive);
FR (false beginner);
DE (lapsed beg);
ASL (lapsed beg);
HU (tourist)
Language Log: viewtopic.php?f=15&t=3864&view=unread#unread
x 1675
Contact:

Re: PASSWORD Security

Postby arthaey » Mon Jul 24, 2017 3:09 am

Morgana wrote:Thank you for this. I had the "exceeded login attempts" warning as well. I don't know what the point would be to hacking into random users' accounts :(

If they figure out a username/password combination that works on the forum, they can then go and try that same combo at bank websites etc, to see if you reused it there.
5 x
Posts in: FrenchGermanHungarianSpanish
NaNoWriMo: 10,000 words
Corrections welcome in any language; I prefer an informal register.

User avatar
leosmith
Brown Belt
Posts: 1341
Joined: Thu Sep 29, 2016 10:06 pm
Location: Seattle
Languages: English (N)
Spanish (adv)
French (int)
German (int)
Japanese (int)
Korean (int)
Mandarin (int)
Portuguese (int)
Russian (int)
Swahili (int)
Tagalog (int)
Thai (int)
x 3102
Contact:

Re: PASSWORD Security

Postby leosmith » Mon Jul 24, 2017 4:28 am

MorkTheFiddle wrote:I use password management software.

I do too. One thing that I've found is that in certain instances on certain sites it wasn't inputting the correct password. An example of this is stored browser data somehow beating my software to the punch. Certain sites confuse it for some reason, but not this one, at least in my case.
1 x
https://languagecrush.com/reading - try our free multi-language reading tool

Tillumadoguenirurm
Orange Belt
Posts: 193
Joined: Fri May 06, 2016 3:07 pm
Languages: English
x 235

Re: PASSWORD Security

Postby Tillumadoguenirurm » Mon Jul 24, 2017 11:42 am

I was wondering about this, I thought it was just my phone acting weird again. I have to say that I'm quite happy that the site admins, owners (...you people there...) inform us users when something like this happens. Thanks! :)
2 x

User avatar
MorkTheFiddle
Black Belt - 2nd Dan
Posts: 2113
Joined: Sat Jul 18, 2015 8:59 pm
Location: North Texas USA
Languages: English (N). Read (only) French and Spanish. Studying Ancient Greek. Studying a bit of Latin. Once studied Old Norse. Dabbled in Catalan, Provençal and Italian.
Language Log: https://forum.language-learners.org/vie ... 11#p133911
x 4823

Re: PASSWORD Security

Postby MorkTheFiddle » Mon Jul 24, 2017 5:11 pm

Thanks to the admin for the heads-up and his diligence. My user name is not one a hacker could pick out of a hat (given the obscurity of the source and given the fact that I misspelled the name), and I use the name in very few other places. One of the other places is HTLAL, which when last I logged on did not have https security. Is there a way, I wonder, to get oneself purged from the user list of HTLAL?
0 x
Many things which are false are transmitted from book to book, and gain credit in the world. -- attributed to Samuel Johnson

Bluepaint
Brown Belt
Posts: 1272
Joined: Fri Jul 03, 2015 7:41 pm
x 1031

Re: PASSWORD Security

Postby Bluepaint » Mon Jul 24, 2017 6:12 pm

MorkTheFiddle wrote:Thanks to the admin for the heads-up and his diligence. My user name is not one a hacker could pick out of a hat (given the obscurity of the source and given the fact that I misspelled the name), and I use the name in very few other places. One of the other places is HTLAL, which when last I logged on did not have https security. Is there a way, I wonder, to get oneself purged from the user list of HTLAL?


The admin on HTLAL never replies to us so I highly doubt it.
1 x

User avatar
Iversen
Black Belt - 4th Dan
Posts: 4768
Joined: Sun Jul 19, 2015 7:36 pm
Location: Denmark
Languages: Monolingual travels in Danish, English, German, Dutch, Swedish, French, Portuguese, Spanish, Catalan, Italian, Romanian and (part time) Esperanto
Ahem, not yet: Norwegian, Afrikaans, Platt, Scots, Russian, Serbian, Bulgarian, Albanian, Greek, Latin, Irish, Indonesian and a few more...
Language Log: viewtopic.php?f=15&t=1027
x 14962

Re: PASSWORD Security

Postby Iversen » Mon Jul 24, 2017 7:07 pm

Those of us who are moderators in both places can block your HTLAL account, but then you can't use the search facilites or the list over the latest messages (though that list has become somewhat of joke lately). Besides your name would still figure on the user list, and we can't remove it from there.
1 x


Return to “Technical Support and Feature Requests”

Who is online

Users browsing this forum: Google [Bot] and 2 guests