quote:

---

Originally posted by Lothlorien:
Passwords, 15 characters, so start thinking now. Lothlorien, AS Host

---

quote:

---

Originally posted by Gee D:
By 15 characters, is that the maximum length or will that be the one and only length?

---

I think it is the length. Will check again oif possible.
 

---

Posted by Lothlorien (# 4927) on :
 
Have checked Gee D. That is the minimum. 15 characters.
 

---

Posted by Gee D (# 13815) on :
 
Thank you, we shall have to think.
 

---

Posted by Golden Key (# 1468) on :
 
No sig???
 

---

Posted by Lothlorien (# 4927) on :
 
No need to panic. Apparently the 15 character password was suggested by one of the back room workers. One host has just said hers is 9 with no problems. Mine is 15, purely by accident.

Yes. No sig. don’t ask me why. I do not know .
 

---

Posted by Lyda*Rose (# 4544) on :
 
So if there are no sigs, there is no way to make charitable pleas as you have in your sig now? No authors can let shipmates know they have a new literary offering? Wodders can't let people know he has a holiday cottage on offer? Well, poo!
 

---

Posted by Boogie (# 13538) on :
 

quote:

---

Originally posted by Lothlorien:
No need to panic. Apparently the 15 character password was suggested by one of the back room workers. One host has just said hers is 9 with no problems. Mine is 15, purely by accident.

Yes. No sig. don’t ask me why. I do not know .

---

quote:

---

Originally posted by Lothlorien:
[...] Apparently the 15 character password was suggested by one of the back room workers. [...] Mine is 15, purely by accident. [...]

---

But, purely by accident is 18 characters, if you include the spaces. And is it really wise to divulge our password here?

Ok, I'll get my coat.
 

---

Posted by Lothlorien (# 4927) on :
 
I have reported that one page says 15 characters and another leaves it open. we will see what happens.

Lothlorien whose password is not purely by accident.
 

---

Posted by Stejjie (# 13941) on :
 

quote:

---

Originally posted by Boogie:

quote:

---

Originally posted by Lothlorien:
No need to panic. Apparently the 15 character password was suggested by one of the back room workers. One host has just said hers is 9 with no problems. Mine is 15, purely by accident.

Yes. No sig. don’t ask me why. I do not know .

---

Is it a software thing or an Admin decision?

---

Software thing, according to Eutychus' post in The Styx.
 

---

Posted by Bishops Finger (# 5430) on :
 
Pity about the pending disappearance of the sig - I've found them a wonderful source of quotable quotes!

IJ
 

---

Posted by no prophet's flag is set so... (# 15560) on :
 
There's this. I expect many compromises were needed to be made in this deployment. Having suffered through several changes to my office/business, the experience advises to patiently see how it all works, the inevitable tinkered and adjusting etc. I expect there will be features which will be rather pleasing and surprising to us also.
 

---

Posted by Boogie (# 13538) on :
 
I wonder if there will be a facility for sharing photos. I miss that on the Ship. It would be good to have a thread or two where they are allowed.



[ 25. February 2018, 15:54: Message edited by: Boogie ]
 

---

Posted by lilBuddha (# 14333) on :
 

quote:

---

Originally posted by Boogie:
I wonder if there will be a facility for sharing photos. I miss that on the Ship. It would be good to have a thread or two where they are allowed.

---

quote:

---

Originally posted by lilBuddha:

quote:

---

Originally posted by Boogie:
I wonder if there will be a facility for sharing photos. I miss that on the Ship. It would be good to have a thread or two where they are allowed.

---

Photos take space. Server space costs money. That isn't something changed by the new Ship software.
There are a number of free image hosting sites that one can link to.

---

quote:

---

Originally posted by Bishops Finger:
Pity about the pending disappearance of the sig - I've found them a wonderful source of quotable quotes!

IJ

---

quote:

---

Originally posted by Boogie:
My other forum just copies the last reply when you hit ‘quote’. It doesn’t nest them at all.

That works and the photos just come over as thumbnails.

I loved the blogs on the Church of Fools. They weren’t ordinary blogs, they became places for great conversations. Some used photos and others didn’t but it was really special, a blogging community the like of which I’ve never found since.

---

quote:

---

Originally posted by Stejjie:

quote:

---

Originally posted by Boogie:

quote:

---

Originally posted by Lothlorien:
No need to panic. Apparently the 15 character password was suggested by one of the back room workers. One host has just said hers is 9 with no problems. Mine is 15, purely by accident.

Yes. No sig. don’t ask me why. I do not know .

---

Is it a software thing or an Admin decision?

---

Software thing, according to Eutychus' post in The Styx.

---

quote:

---

Originally posted by Tubbs:
You get mobile functionality...

---

quote:

---

Originally posted by RuthW:

quote:

---

Originally posted by Tubbs:
You get mobile functionality...

---

This right here. OMG. This alone makes it all worthwhile, IMO.

---

quote:

---

Originally posted by Lothlorien:
One of the things which appealed to me about the Ship many years and still does, is that it is photo, cartoons, GIFs free. I have seen some forums withhuge animated pics which distract from the actual post.

---

quote:

---

Originally posted by lilBuddha:
Also, for those of who find annoying the post within a post within a post within a post within a post just to have someone say me too; images make that so much the worse.

---

quote:

---

Originally posted by Rossweisse:
Besides, I get shown enough photos of other people's dinners on Facebook.

---

quote:

---

Originally posted by Huia:
Barnabas posted on page 2 of the Styx thread that the maximum length of passwords is 20 characters. I understand that spaces are included in the count.

---

I think he said the screen name limit is 20 characters and can have spaces. That is different from the password. I do not know this for certain, but I suspect that spaces are a no-no for the password. At least, I have never met a password program that allowed them before.
 

---

Posted by Barnabas62 (# 9110) on :
 
Hedgehog is right. Minimum password length is 15 characters and I don't think you can use spaces. Maximum login name/screen name length is 20 characters. Unlike this old Ship, on the new one whatever you choose as your login name (user name) becomes your screen name.
 

---

Posted by Lothlorien (# 4927) on :
 
Here it is down here, February 28th and we wait for the rest of the world to catch up for the launch of the new ship. See you on board. Lots of features we have been investigating for quite a while now, and lots and lots of behind the scenes work to get us this far.
 

---

Posted by Rossweisse (# 2349) on :
 
Many thanks to all who have been working on her so hard and for so many weeks. See you aboard the New Ship!
 

---

Posted by Lothlorien (# 4927) on :
 
Months, Ross. I registered in September and there was a lot of work done to get it so hosts could register then. I know from my sons just hpw long backstsage can be to do something like this and am grateful.
 

---

Posted by Huia (# 3473) on :
 
Thanks Hedgehog and Barnabas.

Huia the techno peasant rides again (with thanks that Pete didn't copyright that word)
 

---

Posted by Rossweisse (# 2349) on :
 

quote:

---

Originally posted by Lothlorien:
Months, Ross. I registered in September and there was a lot of work done to get it so hosts could register then. I know from my sons just hpw long backstsage can be to do something like this and am grateful.

---

quote:

---

Originally posted by Lothlorien:
Months, Ross. I registered in September and there was a lot of work done to get it so hosts could register then.

---

The Admins started working on testing the new boards last August, but Admin/Editor discussions about the future of the Ship (of which the boards are but part, of course) started as far back as September 2015.

It's been a long old road to get to this stage. I really hope you all like the result!
 

---

Posted by magicroundabout (# 18869) on :
 
Hi there,

I posted this long explainer about passwords for admins on a private admins board where passwords were being discussed and it's been suggested that I post it here too. This is an attempt to justify the 15-characters of passwordyness that we require on the new site and to give ideas for how you might create a new password. It may...also...possibly...well maybe not...just be a bit interesting?

This was posted in response to the statement: "I still don't see how a longer password is necessarily more secure.", but I got a bit carried away.

Thanks.

--


In short, longer passwords are harder to automatically guess/crack. If there are 26 characters that you can use, then a 1-character password has 26 possibilities, a 2-character password has 676 possibilities. A 7-character password has around 8 billion possibilities (this isn't such a huge number for a computer). A 15 character password has 1,677,000,000,000,000,000,000 possibilities. This is, actually, quite a big number for a computer.

This is demonstrated, with a small amount of mathematical jargon, here: https://xkcd.com/936/

The solution proposed in the comic above is not sequences of random letters, but sequences of random WORDS.

Humans, it turns out, aren't actually very good at being totally random (though I suspect the people on these boards are better at it than most! ), so if you want to try this out, here's a computer doing it for you: http://preshing.com/20110811/xkcd-password-generator/

If you're interested in more detail then read on...

Fact 1: There are nasty "bots" or "botnets" - automated networks of computer programs working together to try to break in to websites - that pose a risk to any login form.

Fact 2: There are also huge sets of emails and encrypted passwords that have been posted publicly - stick your email address in here and be scared: https://haveibeenpwned.com/

Encrypted passwords are hard to unencrypt. But in both cases "brute force" can be used to try to log in to a website as someone else or to try to reverse engineer a password from its encrypted version.

To explain this, you need to understand how passwords work. When you set a password it is encrypted using some clever coding system, and the encrypted version is stored.

So let's say you set your password to be "alfred" and the encryption is a simpler "add-one-to-the-letter" code, then this is encrypted and stored as "bmgsfe"

But with real passwords the coding is more complicated and we can't unencrypt this. So what happens when you log in? Well, the password you enter is encrypted using the same method again, and the result compared. So you enter "alfred" when you log in, this is encrypted to "bmgsfe" and compared against what is stored. They match, so you get in!

So you can "brute force" a login screen by just throwing a large number of login requests at it with different details and seeing if you can guess one. This can generally be thwarted by what is called "Rate limiting" where you only let another computer try a certain number of times, and if they fail enough times to exceed that then they get locked out either temporarily (to slow them down) or permanently, requiring some additional information to unlock.

But if you've downloaded a big long list of username and encrypted passwords from a hacked database, you can have as many goes as you like at this.

This can also be aided by the fact that some people have very simple passwords. So if you want to try and "brute force" someone's password you might start by trying a few things like:

password
Password
password1
password123
p@ssword
passw0rd
letmein
123456
qwerty
iloveyou
whatever
or anything from this list: https://en.wikipedia.org/wiki/List_of_the_most_common_passwords

This allows you to quickly get in to some accounts without having to try every possible combination of letters.

Note: if any of your passwords are in that list go and change them NOW!

Note also that if someone has a list of emails/passwords with yours in it, and they work it out, then the next step is to try and log in somewhere else with that email/password combination.

Any website could just be collecting your emails and passwords to try logging into your Facebook account, or your email account! (The Ship is NOT doing this. It's not a Pirate ship!)

So, using different passwords on different websites is also important. I would say, if nothing else, use a different password for your email account. Because once a hacker has access to that they can probably get access to all sorts of other things.

I hope this was useful.
 

---

Posted by no prophet's flag is set so... (# 15560) on :
 
It'll probably all be good if there's implementation of the automatic email lost password feature,ie the forum software package does it without human involvement.
 

---

© Ship of Fools 2016


UBB.classic^TM 6.5.0