IIS.NET Site Feedback

Re: password too restrictive

steve schofield — Fri, 24 Jul 2009 03:30:10 GMT

It todays day and age, I'm glad IIS.net is having more restrictive passwords. :) Plus I see they have integrated auth now with Windows Live, so you can use that. If it's simple then your login with be automatic.

Re: password too restrictive

floppyho — Thu, 23 Jul 2009 18:05:47 GMT

Rovastar:
I don't understand why people are complaining about this.
Especially those that *just* login to complain about passwords. Troll-like if you ask me.

Your post, is probably the first trolling post in this thread. Nice try. It seems that is your purpose for responding here.

I created this thread as a constructive suggestion for the site admins. I have multiple accounts here and receive an email every time someone responds to my posts. When you respond to this, I will get an email with your comment. Do you understand how that works?

Rovastar:
I make all my passwords complex now as you never know what the password policy of a site/company will be. So it has never been a issue.
IF ou wnat unique passwords for each site why not havea normal password say
Test123 followed by the site name so iisnet
So your password would be Test123iisnet

Doesn't that defeat the purpose of having a restrictive password?

Rovastar:
Enough people aren't complaining as there is like wrong that is the point. Anyway enough feeding.....

If enough people weren't complaining then why are you responding?

Re: password too restrictive

Rovastar — Thu, 23 Jul 2009 13:50:08 GMT

I don't understand why people are complaining about this.

Especially those that *just* login to complain about passwords. Troll-like if you ask me.

I make all my passwords complex now as you never know what the password policy of a site/company will be. So it has never been a issue.

IF ou wnat unique passwords for each site why not havea normal password say

Test123 followed by the site name so iisnet

So your password would be Test123iisnet

Enough people aren't complaining as there is like wrong that is the point. Anyway enough feeding.....

Re: password too restrictive

floppyho — Thu, 23 Jul 2009 08:21:52 GMT

Well... People like me think you are obsessive compulsive, whereas you probably think we are lazy.

I had to create a new account to reply to this message. Why is that? I forgot my password here yet again because it is too restrictive. Not only that, but it takes too long to receive the password reset email.

Was the passwords always linked up to MS? I don't remember that when I created my other account. Now that this account is hooked up to my MS account, I wont have to worry about those passwords.

If enough people complain about something, then it is probably a valid complaint.

Re: password too restrictive

qbernard — Thu, 23 Jul 2009 07:39:52 GMT

Ian, I'm sure Microsoft is reading this as well, it is up to MS to decide what complexity they required for this site. Of coz for community sites this can be a little bit overwhelm, but heck we all have our own opinion.

For your concern about many passwords, I think it is up to the individual on managing those passwords, I have at least few hundreds, and out of that 100+ is my own and not work related, I maintain two different encrypted files to keep tracks of the password, and for work related, my peers keep the same copy of encrypted files, and for personal one. I let my wife know where I put it and how to unlock it in the event errrr I'm longer available :) and those personal related passwords are not related to community/forums/newsgroup, web memberships etc. For these type of password I just put it on a simple excel file and secure it password, even it got stolen i don't care much at the impact.... at most the attacker can post here under my name. yet. what's the big deal about this?

Re: password too restrictive

IanDSamson — Wed, 22 Jul 2009 10:28:47 GMT

That may be the case, tomkmvp, but how many sites do you work on? How many usernames, how many passwords do you have to remember? What happens should your disk crash and all your passwords are lost? Nothing is infallible and especially not Microsoft products, so if you have to reinstall your OS, how do you remember which password you entered "once" and told the site to remember? It's just a cookie that it puts on YOUR hard disk, not on the host site.

I could not remember my password so I changed it to one that I can remember, only this time it has to have an upper case letter somewhere in the password.

I still maintain it is far too restrictive, and who cares about 'bots' that send spam? I delete over 50 spam every day.

Re: password too restrictive

8xup68 — Tue, 21 Jul 2009 23:12:18 GMT

qbernard:
Hehe.. I don't have the same password nor pattern for every sites I associated with :) You got 1 more year to go before I change it.

Re: password too restrictive

qbernard — Sun, 24 May 2009 13:01:57 GMT

Hehe.. I don't have the same password nor pattern for every sites I associated with :) You got 1 more year to go before I change it.

Re: password too restrictive

steve schofield — Thu, 21 May 2009 02:49:55 GMT

What is your password pattern again? :) I'd be willing to test out that bank account security for you.

Re: password too restrictive

qbernard — Wed, 20 May 2009 12:47:18 GMT

Oohh. mine was err 6 yrs ago... Oops.. bad security practise :)
Ok Ok.. will change it in 2010.

Re: password too restrictive

tomkmvp — Tue, 12 May 2009 13:25:34 GMT

I don't even know my password. I entered it once and told the site to remember me. Doesn't seem like much of an issue ...

Re: password too restrictive

steve schofield — Mon, 11 May 2009 02:57:41 GMT

One reason for more restrictive passwords is to keep 'spam bots' from invading and ruining a great IIS resource. I agree having easier to remember and less restrictive passwords for a community site such as this is nice, unfortunately the spammers (ones who create bots) have tried to take advantage of such sites, which in turn make things worthless. I'll have a more restrictive password and a great IIS resources. My thoughts :)

Re: password too restrictive

IanDSamson — Sun, 10 May 2009 19:53:37 GMT

riznick:

maybe im just being cranky. I like using generic easy passwords for sites where security is of low importance. Forcing us to have uppercase+lowercase+numbers on a forum seems like overkill.

"SEEMS like"? It IS overkill. I would tell those programmers to be less anal-retentive and more user friendly, otherwise their userbase may decline in favor of other sites that are less prescriptive.

Re: password too restrictive

IanDSamson — Sun, 10 May 2009 19:49:53 GMT

when i joined this site, I was told my regular password was not acceptable because the password I had to use (HAD TO use) contains at least one upper case, one lower case, and one numeral in the password. Just who the #*$& do IIS think they are to prescribe user passwords?

Re: password too restrictive

riznick — Thu, 18 Dec 2008 09:40:45 GMT

maybe im just being cranky. I like using generic easy passwords for sites where security is of low importance. Forcing us to have uppercase+lowercase+numbers on a forum seems like overkill.