Forum Rules & Information

Duckk wrote:I'm a computer science major, so I keep an eye out regarding security. I'm not worried about spam bots accessing your account. I'm worried about someone getting access to the database, cracking the password and email list, then using it to hijack accounts elsewhere. Even if you practice safe internetting, not everyone else does. So if they recycle email accounts and passwords to register at other sites, an attacker could easily get access to your entire digital life (there's a great Wired article where that happened to one of the writers). To that end, I want the passwords to be complex as possible, to make the problem space large. No admin worth his or her salt would ever want to make things easy for an attacker, no matter what said attacker's ultimate goal is. Be thankful I didn't enforce a longer password length or a requirement for non-alphanumeric symbols. Nowadays it's quite trivial to crack passwords 10 to 11 alphanumeric characters long, thanks to GPU assisted hashing and selective dictionary based rainbow tables.

I'll bite.

Anyone who signs up with their real email address to anything on the internet let alone something as benign as a forum for your favorite author is an idiot.

Otherwise.

Who cares if they hack my "account". It is an internet forum. Let em. At worst you ban my hiney if my "low grade" password gets hacked and some jerk spammer gets a hold of it.

An easy password saves me buckoo time every time I log in. Swear everyone is afraid of the internet boogeyman. Same goes for all of everyone's locks, dead bolts, bars, alarm systems, dogs, and other devices. Could get rid of them all and save money while making far more as you waste less of your life being 'safe' and more actually living.

Somehow doubt my pet peeve diatribe will change your mind. Every comp sci server guy I know are all the same(includes my brother in-law). Worried about boogeymen, who they all admit could easily hack their system if they tried, meanwhile burdening everyone with time consuming conniptions supposedly thwarting such people. Ultimately gaining nothing except the wastage of everyone time.

Well off to go enjoy the forums. Read them long enough. Figure I will participate.

I'm just not seeing how this is any sort of inconvenience at all. Thanks to the miracle of modern technology, your browser can store the password so you don't even have to keep entering in the password every time you visit, and there are services like LastPass which generate and store very long random passwords automatically. And it's not as if I'm enforcing any burdensome password requirements (however much I want to). It's the same as any website which requires signing up for an account. Go anywhere on the web, any website at all, and you'll find them enforcing the same kinds of requirements on passwords, at the very least.

I have run into NO other online forum, website, etc that requires CAPs along with normal letters and symbols. Not even internet banking. Neither Chase, nor Sterling require caps. Maybe yours does.

Cheers.

Online Password storage? Never heard of it. Will look into it.

Then you and I travel in very different circles. Offhand, the only service which doesn't enforce case sensitivity that I know of is Blizzard's Battle.net.

Incidentally, here's something from today which helps illustrate why security failures at one site can have impact everywhere, including small niche sites.

http://arstechnica.com/security/2013/11 ... apers-com/

Duckk wrote:Then you and I travel in very different circles. Offhand, the only service which doesn't enforce case sensitivity that I know of is Blizzard's Battle.net.

Incidentally, here's something from today which helps illustrate why security failures at one site can have impact everywhere, including small niche sites.

http://arstechnica.com/security/2013/11 ... apers-com/

Allowing case sensitivity is in no shape the same thing as FORCING one to use Capital letters AND lower case letters in a password.

PS> As far as I am concerned everything I put on the internet is public along with all machines tied to the internet. Thinking otherwise is looney IMO. Let em have my user names etc. I do not care. If it is tied to the internet it is not safe. Period. You want your bank account safe? It had better not be electronically tied to anything. Anyone who has been given access to dump money in can pull money out. Seen it happen screwing said person over. The idiot had their savings account tied to their checking. Both were drained. I bought his families groceries for 2 months while he got it sorted out.

Dear DuckK - I am a new poster on these forums (my evil son got me hooked -- payback for my having introduced him to David Weber's books in the first place ). I know that I am not as careful protecting my online ID as people who really know what they are doing, and like the last poster, I do reach a point where I would just as soon spend more time living and less time worrying about potential threats. Having said that, however, those are MY choices. You have taken on the task of running a forum for a lot of people who have very different risk tolerances. I appreciate the trouble you go to to make the experience both enjoyable and safe for all of us. Best wishes for a lovely holiday season!

Just a couple of quickies:

1) Is there an "introductions"-type thread anywhere, for new chums to, well, introduce themselves, explain why they're here, tell people a bit about themselves, etc? Can't see one, but that doesn't mean I've looked in the right place...

2) Can't see anywhere in the UCP to add a signature - or are snotties too low on the chain to be allowed such a thing?

Thanks!

PS: Nice to see someone with more sense than usual about a modicum of internet security. As an ex-member of a forum that was taken out by spammers, I appreciate it. And, frankly, cavilling over the inconvenience of using caps and figs in a password, yet finding the time to add seven smilys in two posts seems a little ...inconsistent, no?

Welcome aboard.

Signature is in the user control panel section along with a bunch of other things, like location.

Enjoy your visits,
T2M

pyan wrote:Just a couple of quickies:

1) Is there an "introductions"-type thread anywhere, for new chums to, well, introduce themselves, explain why they're here, tell people a bit about themselves, etc? Can't see one, but that doesn't mean I've looked in the right place...

2) Can't see anywhere in the UCP to add a signature - or are snotties too low on the chain to be allowed such a thing?

Thanks!

PS: Nice to see someone with more sense than usual about a modicum of internet security. As an ex-member of a forum that was taken out by spammers, I appreciate it. And, frankly, cavilling over the inconvenience of using caps and figs in a password, yet finding the time to add seven smilys in two posts seems a little ...inconsistent, no?

If you (as I) can't find the mentioned 'user control panel', go to the front page of the forums (or click on 'Forums' in the top bar) and you will find it with a small, red front over the menu of forums (Honorwerse and so on).

thinkstoomuch wrote:Welcome aboard.

Signature is in the user control panel section along with a bunch of other things, like location.

Enjoy your visits,
T2M

pyan wrote:Just a couple of quickies:

1) Is there an "introductions"-type thread anywhere, for new chums to, well, introduce themselves, explain why they're here, tell people a bit about themselves, etc? Can't see one, but that doesn't mean I've looked in the right place...

2) Can't see anywhere in the UCP to add a signature - or are snotties too low on the chain to be allowed such a thing?

Thanks!

PS: Nice to see someone with more sense than usual about a modicum of internet security. As an ex-member of a forum that was taken out by spammers, I appreciate it. And, frankly, cavilling over the inconvenience of using caps and figs in a password, yet finding the time to add seven smilys in two posts seems a little ...inconsistent, no?

Signature is in the user control panel section along with a bunch of other things, like location.

Enjoy your visits,
T2M

ICQ #:
AIM:
WL/MSN Messenger:
Yahoo:
Jabber:
Website:
Location:
Occupation:
Interests:
Birthday:

Nope. These are all the headings on that page, and "signature" isn't one that I can see, I'm afraid...