Forum

zucht… http://keepass.info/

Maybe now would be a good time to enforce some basic minimum complexity requirements, although you give suggestions as to how strong your password is it’s entirely possible to set a simple password on the site.

Never under estimate just how large some rainbow tables are, I’ve got about 100gig in a single table which will reveal an awful lot of fairly complicated passwords within half an hour or so.

Can you force all passwords on this site to expire? Force people to change passwords as a matter of course would be a very good idea. Although they might not have gained access to other areas directly it’s entirely possible whoever logged in could have seen enough to start building a picture of your over all site security.

In the world of IT Security paranoia is good.

Quoted from kaidus

Can’t we just ban all the russians now?

Edit: Apart from crzfst.

OH I SEE WHAT YOU DID THAR!

It would ruin my day if someone hacked my etf2l account. Oh the damage they could do…

my password for everything is hat

am i safe?

Quoted from Dr-GimpfeN

[…]
if you force users to change passwords very often they will write down the password under the keyboard :)

I was more suggesting a one-off change. And even if they did write it down, unless the next ‘hack’ gives them access to everyone’s computer tables I doubt that’s much of a problem ;)

dem russians man