Thread: Disable password expiration

Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23
  1. #11  
    Head Veteran and Respected Member


    Thakiller's Avatar
    Join Date
    Dec 2006
    Age
    26
    Posts
    2,953
    Thanks given
    1,957
    Thanks received
    3,074
    Rep Power
    5000
    R-S shouldn't be responsible for people being stupid with their passwords, however it's every 120 days or so which is just enough to shut anybody up who cries "lack of security on R-S!!" whenever they get their account compromised, whilst at the same time not being annoying enough to bitch about.

    Considering you (apparently) can just reuse the same password, take the 5 seconds to retype your password 3 times a year and get over it.
    Reply With Quote  
     

  2. Thankful users:


  3. #12  
    Registered Member 50 69 64 6f 72's Avatar
    Join Date
    Nov 2016
    Posts
    4
    Thanks given
    0
    Thanks received
    9
    Rep Power
    0
    u all don't seem to understand that forcing ppl to change passwords doesnt make anyone more secure

    but w/e keep thinking rune-server is the exception to the rule lol
    Reply With Quote  
     

  4. Thankful user:


  5. #13  
    Officially Retired

    Huey's Avatar
    Join Date
    Jan 2008
    Age
    22
    Posts
    16,478
    Thanks given
    3,385
    Thanks received
    7,727
    Rep Power
    5000
    Quote Originally Posted by Noele View Post
    If you took your own advice and updated your password every few months then you would actually never see the password expiration dialogue.
    This comment pissed me off the most. 9 years ago I would've flamed the hell out of you rofl.


    But

    Honestly there's been times I've gotten the annoying 100 day password expiration thing & I cannot be bothered with changing it so I would just log back out rofl.

    But anyways 2018, if people are still going after rune-server accounts, then they should be necked asap.
    Attached image
    Listen children don't become this guy.
    Quote Originally Posted by Owner Spikey View Post
    Why can I attack lower level npc's in a matter of a mouse hover but for a higher level npc the only choice to attack is by right clicking option attack?

    Reply With Quote  
     

  6. Thankful users:


  7. #14  
    Administrator

    Kevy's Avatar
    Join Date
    Jul 2006
    Posts
    1,428
    Thanks given
    204
    Thanks received
    1,905
    Rep Power
    5000
    Apparently they are. They get passwords from rsps and other leaks and get on the accounts. Change the name of the account to look like someone more popular and trusted and try to scam and most times succeed.

    Quote Originally Posted by Huey View Post
    This comment pissed me off the most. 9 years ago I would've flamed the hell out of you rofl.


    But

    Honestly there's been times I've gotten the annoying 100 day password expiration thing & I cannot be bothered with changing it so I would just log back out rofl.

    But anyways 2018, if people are still going after rune-server accounts, then they should be necked asap.
    Thanks, Kevin.
    Reply With Quote  
     

  8. #15  
    Renown Programmer
    Greg's Avatar
    Join Date
    Jun 2010
    Posts
    1,179
    Thanks given
    260
    Thanks received
    1,012
    Rep Power
    2003
    Quote Originally Posted by Kevy View Post
    Apparently they are. They get passwords from rsps and other leaks and get on the accounts. Change the name of the account to look like someone more popular and trusted and try to scam and most times succeed.
    But his point still stands, every time I get the prompt to change my password I change it to the same password, if you add the option so you can't change it to previous passwords then I'd stop using the site.

    The vast majority of people don't "change" their password and those that do would do it of their own accord anyway, so all it accomplishes is a nuisance and a few minutes of wasted time
    Attached imageAttached image
    Reply With Quote  
     

  9. Thankful users:


  10. #16  
    Disable password expiration



    Scu11's Avatar
    Join Date
    Aug 2007
    Age
    30
    Posts
    16,307
    Thanks given
    7,215
    Thanks received
    12,308
    Rep Power
    5000
    Quote Originally Posted by 50 69 64 6f 72 View Post
    u all don't seem to understand that forcing ppl to change passwords doesnt make anyone more secure

    but w/e keep thinking rune-server is the exception to the rule lol
    Ok when you have people reusing passwords on all sorts of RSPSes and those RSPSes having no clue about any level of security and their player databases get stolen dumped and the passwords get cracked, how is it not more secure for us to force you to change your password (from the one that was likely included in that dump if you're an average rsps player)?

    Quote Originally Posted by Greg View Post
    The vast majority of people don't "change" their password
    This is conjecture and you have no statistics to back it up

    Attached image
    Reply With Quote  
     

  11. Thankful user:


  12. #17  
    Renown Programmer
    Greg's Avatar
    Join Date
    Jun 2010
    Posts
    1,179
    Thanks given
    260
    Thanks received
    1,012
    Rep Power
    2003
    Quote Originally Posted by Scu11 View Post
    This is conjecture and you have no statistics to back it up
    Touché

    Maybe you should do a poll to provide some light on how many of those actually change their password?
    Attached imageAttached image
    Reply With Quote  
     

  13. #18  
    Respected Member


    Join Date
    Jan 2009
    Posts
    5,743
    Thanks given
    1,162
    Thanks received
    3,603
    Rep Power
    5000
    Lets also not forget vBulletin 4.* still uses md5(md5(password) + salt), so god forbid that rune-server ever was hacked your passwords are not exactly safe to begin with, so the use of a strong password and enforcing change every 120 days (3 times a year) is really nothing. It shouldn't let you reuse the same password though, sort of defeats the entire fucking purpose, but hey go vBulletin!!!
    Reply With Quote  
     

  14. Thankful users:


  15. #19  
    Registered Member
    hc747's Avatar
    Join Date
    Dec 2013
    Age
    26
    Posts
    1,474
    Thanks given
    3,312
    Thanks received
    691
    Rep Power
    1098
    Wasted more time reading this thread than I have changing my password on R-S since 2013.
    Reply With Quote  
     

  16. #20  
    Registered Member 50 69 64 6f 72's Avatar
    Join Date
    Nov 2016
    Posts
    4
    Thanks given
    0
    Thanks received
    9
    Rep Power
    0
    Quote Originally Posted by Scu11 View Post
    Ok when you have people reusing passwords on all sorts of RSPSes and those RSPSes having no clue about any level of security and their player databases get stolen dumped and the passwords get cracked, how is it not more secure for us to force you to change your password (from the one that was likely included in that dump if you're an average rsps player)?
    cuz, as mentioned in every study in the op, people don't actually make new unique passwords lol if the service doesn't have a function expiration system (like vb), then they reuse the same1 and if it does, they often just make their new 1 a derivative of the old one

    all the stats say that the effects of password resets are negligible at best lol
    Reply With Quote  
     

Page 2 of 3 FirstFirst 123 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Remove the password expiration
    By gnarly in forum Complaints
    Replies: 13
    Last Post: 08-07-2011, 02:57 AM
  2. Password Expiration.
    By Aj in forum Announcements
    Replies: 48
    Last Post: 04-01-2010, 02:29 AM
  3. Replies: 33
    Last Post: 06-29-2009, 09:35 AM
  4. MD5 Password protection
    By Mr.Lothar in forum Tutorials
    Replies: 7
    Last Post: 05-19-2007, 09:17 PM
Tags for this Thread

View Tag Cloud

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •