Triumph Rat Motorcycle Forums banner
  • Hey everyone! Enter your ride HERE to be a part of September's Bike of the Month Challenge!
1 - 20 of 32 Posts

·
Registered
Joined
·
2,848 Posts
Discussion Starter · #1 ·
I thought my password was suppose to be something I think up as my PIN. It ticks me off that I have to choose one that someone else puts the stipulations on. It was bad enough when I had 2 passwords, one the one I use and a 2nd for the sites that require it to be even longer with more stipulations. Now this site is asking me to make up another one with at least 10 characters. My PIN/Password should be mine and the responsibility if it is easy to figure our or not should be mine, not someone else to tell me to make it longer and have numbers and caps and lowercase, blah, blah, blah.:frown2:
 

·
Premium Member
Joined
·
7,051 Posts
The issue was the site was hacked and user names/passwords/email-addresses were stolen earlier in the year.

If you have used the same password you had here on other sites (particularly for sensitive things like banking/work etc) I would recommend you change your password at those other sites as there is a chance someone else could get access to those sites using your identity.

Not everyone is at risk but I am sure a significant number of members do tend to re-use passwords across multiple sites and so may be placed at risk of fraud because of what has happened and the site is trying to mitigate the damage the theft has caused.


I think this was badly handled initially by the site owners but requiring a stronger password and forcing a password change I think is a responsible thing to do in the light of what has happened.
 

·
Registered
Joined
·
2,848 Posts
Discussion Starter · #4 · (Edited)
Your TEMPORARY password assigned by TRatNet is just that, temporary.

Log in, go to User CP and change it to whatever you want.
What pisses me off is that it can be "anything I want" as long as it's 10 characters or more, has caps, has lower case, has numbers, and has symbols. Sounds more like I can change it to anything i want as long as it's what they want. My PIN didn't contain any caps, symbols or 10 characters.
In my life of computers I have never been hacked. I'd rather take my chances with my PIN than having the bad guys know what formula they need to figure out what it is.
 

·
Premium Member
Joined
·
2,377 Posts
Just change your password and move along.
I've had the same issue with Ducati m.s and had to change passwords and I'm long over it.
 

·
Registered
Joined
·
48 Posts
Site and database administrators might need very very very complex and very very very long passwords.
If someone figures out a user's password, there is no real harm to sites such as this.
Perhaps whoever is in control will rethink the password requirement and make some sensible adjustments.

Don
 
  • Like
Reactions: o1marc

·
Premium Member
Joined
·
7,051 Posts
If you don't re-use passwords across sites then no big deal - you don't need to worry.

People really don't want your password to post stuff on this site impersonating you and even if they did - it would not be a big drama.

Probably no would else would even notice it wasn't really you but some Russian gangster! :D


Problem is people (who have spent their life having just a signature that identified them) now have to have a password for their email, bank account, insurance, loan repayments, work, sites that have their credit card details (eg Amazon, PayPal) etc.

They tend to re-use their passwords as it is hard to remember them. If someone gets their password from this forum stolen, it will be used with their user name and email to try and access other sites (like banks, PayPal etc) around the world.

Friend of mine's elderly father had his bank log in details stolen. It was devastating.
 

·
Registered
Joined
·
1,469 Posts
+1 Jonkster. It's people using the same pass words for sensitive and nonsensitive accounts. My son's a computer security engineer and says most sites are always on the edge of being breached.
Per his recommendation I use a password management service, Last Pass in my case but there are other good ones. You can generate ultra secure passwords that the site catalogues and then only have to remember one master password. Once you log in to Last Pass and you go to a site requiring a password Last Pass automatically logs you into that site.
 

·
Registered
Joined
·
356 Posts
Took me 2 attempts to log in because I forgot my new password lol and now I am so outraged bugger it that I am going to go for a ride ;-)
 

·
Premium Member
Joined
·
8,400 Posts
Heck, some sites such as financial institutions are beginning to recommend 2-step verification, so if you think the password requirements here are bad, wait until a site asks you to do that :)

I have had someone try to hack one such account and took the advice of the institution for the 2-step verification. I later implemented it on 3 other accounts. Now to log on, I have to enter my password, wait for a text to my cell phone with a 4 digit code, and then enter that. Is it a pain, yes. Is it more secure? I am sure it is. (A) Because the code only comes to my phone (B) if someone attempts to hack and guess the codes, I will get repeated texts that will tip me off to the attempts

The site asking for stronger passwords isn't bad practice. While an individual may be willing to accept the risk, the site itself is also at risk of breaches and may not be willing to accept that same risk. Also, there are plenty of individuals who really don't know how to properly access their security risk.

There were probably dozens of users on here who had passwords such as password, 12345, TRN123 and the like.

If folks really have a difficult time remembering strong passwords, 1Password or LastPass, may be a good option.

That said, it is probably all security theater.
 

·
Super Moderator
Joined
·
13,530 Posts
Yeah, nobody will care, it's no big drama.

EXCEPT, MY original username GrandPaul, was hacked HERE by a poser who then wrote crap for a month before I was forced to add the "Z" to the end of my username. I was made a site moderator not long after that.

It's a sick feeling when you're hacked. At least it wasn't my bank or PayPal...
 

·
Registered
Joined
·
325 Posts
WINDOWS: Please enter your new password.

USER: cabbage

WINDOWS: Sorry, the password must be more than 8 characters.

USER: boiled cabbage

WINDOWS: Sorry, the password must contain 1 numerical character.

USER: 1 boiled cabbage

WINDOWS: Sorry, the password cannot have blank spaces.

USER: 50damnboiledcabbages

WINDOWS: Sorry, the password must contain at least one upper case character.

USER: 50DAMNboiledcabbages

WINDOWS: Sorry, the password cannot use more than one upper case character consecutively.

USER: 50damnBoiledCabbagesShovedUpYourAssIfYouDon'tGiveMeAccessNow!

WINDOWS: Sorry, the password cannot contain punctuation.

USER: ReallyPissedOff50DamnBoiledCabbagesShovedUpYourAssIfYouDontGiveMeAccessNow

WINDOWS: Sorry, that password is already in use.
 

·
Registered
Joined
·
8,393 Posts
Well,its taken 2 days for me to log in as i did not get an email about this.Thanks to Paul and Ed for some personal emails to get back in.
 

·
Registered
Joined
·
590 Posts
I saw the thingy at the top of the page and changed my password and thought I was good but then got the email and had to follow the directions with the new password.

Changed my password again after and my Dear Sweet Google Overlords asked if I wanted to update my password and I said sure!

Now as long as I am logged into the Googs it don't matter what computer I'm on it remembers my password.

Disturbing yes but........:wink2:
 

·
Registered
Joined
·
2,848 Posts
Discussion Starter · #20 ·
I think it's a scam to get everyone's new password. It seems several other forums have now requested I change my PW. Jockey Journal has changed mine and neither the old one nor new one will let me in right now.
 
1 - 20 of 32 Posts
Top