!!ATTENTION!! - Please Secure Your Passwords!

[DoomRater]

I for one welcome the report button.

[Caligari87]

...Apologies for my outburst, Neural. I had a moment.

[mutator]

as soon as I read this I naturally got a thought that someone is trying to access other people's account, is that correct? I have nothing really important in my account but if there is hacker then I would be cautious still

[wildweasel]

as soon as I read this I naturally got a thought that someone is trying to access other people's account, is that correct? I have nothing really important in my account but if there is hacker then I would be cautious still

The problem is not that personal details are being used, it's that accounts are literally being used to post stupid crap.

[4thcharacter]

Why not ban all inactive accounts? It'll take a lot of time for the mods but it'll sure save everyone lots of trouble. Anyone can message the mods anyway just in case they want to reactivate their account.

I think it would be better to enable post approval for inactive accounts.

The whole idea behind this is to starve these people for attention. They can't get attention very effectively if nearly every account they compromise is stuck under a moderator blanket.

Never thought of that. This is actually much more better.

[Devianteist]

Well holy damn, I come back, see all this, log out and try to log in just to see a Captcha. What in the blazes did I miss?

[NeuralStunner]

For the most part, a community lesson in account security, self-control, and troll management.

[ibm5155]

Use ASCII chars that are never used normally for passwords, 99% (idk if exist one) of brute force tests never use it for speed up.

password examples:
1)♣hi
2)▒▓│┤
3)■
4)☺ibmlord
4)     (not space, it char(255)

you can do all these Keys pressing alt + the char number,ex: (press and hold alt, type 1, type 7, type 8 on numpad, leave alt)
The only draw side, is that you'll need to copy and paste your password somewhere if you want to used it on smartphones/tablets

EDIT: but that doesn't help if the user is actually using some exploit for stealing the password (by the look, only old accounts, from 2005 to lower are being used)...

[Marrub]

Those are Code Page 437 characters.
Assuming the forum software allows Unicode passwords, would it not be better to use some random non-english password like "фвыадофыв0цоупщру" and know how to type it?

[ZzZombo]

LEL, I would hack that in no time. Source: am Russian. /s

[4thcharacter]

Another great way to have a strong password: Use your username on other sites/games/emails etc that you'll never tell anyone here or everyone ever IRL as a password.

[NeuralStunner]

Another great way to have a strong password: Use your username on other sites/games/emails etc that you'll never tell anyone here or everyone ever IRL as a password.

In principle, that's even worse than sharing passwords between the two.

[edward850]

Another great way to have a strong password: Use your username on other sites/games/emails etc that you'll never tell anyone here or everyone ever IRL as a password.

I take it you've never heard of social engineering, then? Because that idea is at least 200% vulnerable to it, especially as you just told everyone it.

[4thcharacter]

In principle, that's even worse than sharing passwords between the two.

In what way? If you're using the same screen names on every single site then don't. (it's a bad idea) Use a username on websites that you'll likely less tell anyone or be asked by anyone else about them. This actually depends on the person and how many total accounts they have throughout the internet sites.

Another great way to have a strong password: Use your username on other sites/games/emails etc that you'll never tell anyone here or everyone ever IRL as a password.

I take it you've never heard of social engineering, then? Because that idea is at least 200% vulnerable to it, especially as you just told everyone it.

You mean getting manipulated? Again, depends on the person. Not telling what sites you're also signed up to helps. Choosing usernames on sites that have different purpose or are awkward to ask helps. And you do know that there are tons of websites that an individual may signed up to and they could have used a username on a site that no one would think they use as a pass?

[edward850]

All that requires you to consciously know you're are being manipulated in the first place. That's kinda the point of social engineering; you don't. And somebody who has the means and skill to get into your account via social engineering will very well think of your username, any username, as a password.

The people who usually break into these sorts of systems aren't stupid. In fact they are testing you as a person, and if you are a smart enough person to not use a public-facing phrase as a password.