1 reply to this topic

[lymon]

Tonight I was unwelcomed by needing to change my password. What's with the new password policy that passwords need to be changed out every 180 days for accounts and email? This is not cool. Because of this change, now none of my mobile phones are connecting to email after changing the password. On top of that, every time I tried to create a new password, the system would tell me it was too similar or too short, or too coincidental to a word in the dictionary, and on and on. I advise you revert this policy or you will start to lose many customers who don't have the time or energy in keeping up with every damn password on our accounts. Give your customers a choice to decide whether we want our passwords to change rather than being forced to!!

[HubRocket]

 lymon, on 02 December 2011 - 09:58 PM, said:

Tonight I was unwelcomed by needing to change my password. What's with the new password policy that passwords need to be changed out every 180 days for accounts and email?

Hi,

E2 recently made some security enhancements which you can read about them HERE.

The 180 days is around half a year so you will only have to change it twice within an entire year which is not much.

 lymon, on 02 December 2011 - 09:58 PM, said:

On top of that, every time I tried to create a new password, the system would tell me it was too similar or too short, or too coincidental to a word in the dictionary, and on and on.

You can read about this update on the blog post I mentioned above. They have increased the required strength of your password so you can not use anything to obvious that a hacker would be able to guess / use a program to guess for them.

 lymon, on 02 December 2011 - 09:58 PM, said:

I advise you revert this policy or you will start to lose many customers who don't have the time or energy in keeping up with every damn password on our accounts. Give your customers a choice to decide whether we want our passwords to change rather than being forced to!!

I don't think they would loose many customers. This shows they do really care about their customers, they are willing to nudge them for 5 minutes so their website does not end up hacked. This also saves E2 resources as they don't need to spend time going through backups, logs, helping you recover etc.... - This extra spare time can go onto helping people quicker that really need it, as opposed to those with weak passwords.

I mean, these days major companies are getting hacked: Sony, Government websites and so on - With hacking on the increase I think these updates will do more good than harm .