Bitcoin Forum
August 18, 2022, 05:57:22 PM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Password timeoout suggestion  (Read 511 times)
phillipsjk
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000

Let the chips fall where they may.


View Profile WWW
September 14, 2013, 08:10:27 PM
Last edit: September 14, 2013, 09:25:54 PM by phillipsjk
 #1

Hello,

Waiting 45 seconds to re-enter your password can be frustrating. However, today I was busy during those 45 seconds because I entered the password from another website. I was changing my password on the other site.

My suggestion:
If the password is incorrect (presumably if the user-name is incorrect too to avoid a distinguishing attack), perhaps the intermediate screen should post suggestions for good security like:

If you accidentally entered the password from another website, you should go change that password now.

If your Password is on this list: you should change your password.

If your password is on this list: you should change your password.

You should write your passwords down or keep them in a key-ring. Your passwords should be randomly generated. (This one will be controversial: however I think advice to never write down passwords results in password re-use or forgotten passwords).
 
Edit: Removed Facebook link for top 25 list. I have no idea why a major news organization would link to a facebook page rather than a press-release. I have one theory: to keep the masses ignorant and dependent on them.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
1660845442
Hero Member
*
Offline Offline

Posts: 1660845442

View Profile Personal Message (Offline)

Ignore
1660845442
Reply with quote  #2

1660845442
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1660845442
Hero Member
*
Offline Offline

Posts: 1660845442

View Profile Personal Message (Offline)

Ignore
1660845442
Reply with quote  #2

1660845442
Report to moderator
1660845442
Hero Member
*
Offline Offline

Posts: 1660845442

View Profile Personal Message (Offline)

Ignore
1660845442
Reply with quote  #2

1660845442
Report to moderator
1660845442
Hero Member
*
Offline Offline

Posts: 1660845442

View Profile Personal Message (Offline)

Ignore
1660845442
Reply with quote  #2

1660845442
Report to moderator
b!z
Legendary
*
Offline Offline

Activity: 1582
Merit: 1010



View Profile
September 15, 2013, 04:25:25 AM
 #2

Also do not use the same password on multiple sites.

Good point. Never recycle passwords.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!