Registration -- site claims bad password is "good"

Discussions about the forum and contents
Post Reply
MB7
Posts: 4
Joined: Wed May 22, 2013 4:24 pm

Registration -- site claims bad password is "good"

Post by MB7 » Wed May 22, 2013 4:41 pm

While registering for a new account, I entered an 8-digit password, and it said “Good.” That implies that it’s good. And yet when I clicked Submit, it said it was too short. I’m thinking that if it’s too short, then it’s not “Good.” Just sayin.

User avatar
LadyGeek
Site Admin
Posts: 39250
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Registration -- site claims bad password is "good"

Post by LadyGeek » Wed May 22, 2013 7:25 pm

Welcome! Actually, you were dealing with 2 slightly different things.

First, "Good" is the reading by our password strength meter. It's intended to help members select passwords that are difficult to crack. See: Forum Software Updated: Show Password Strength

Second, the minimum password length is 9 characters. Most people expect 8, so we go 1 more. The forum software will accept a maximum password length of 100 characters.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

User avatar
Epsilon Delta
Posts: 6482
Joined: Thu Apr 28, 2011 7:00 pm

Re: Registration -- site claims bad password is "good"

Post by Epsilon Delta » Wed May 22, 2013 10:59 pm

It may be worth mentioning that bogleheads.org password have been attacked in the past. Weak passwords were used to hijack accounts and vandalize the forum. Responding to this took some effort from the moderators and admins. Choosing a reasonably password may help to prevent a recurrence and save the volunteers some work.

bogleheads.org attacked - some accounts hijacked

Post Reply