Public bug reported: Writing this on Behalf of https://launchpad.net/~gmikwei Related Question :
https://answers.launchpad.net/ubuntu/+question/199149 More of an info... 1) Capta should also not be hard for humans to read. Some are. 2) New security standards, seem to be miss aligned. minimum 8 char, Upper,Lower,Num,Spec ? Not sure WHO came up with this made mix, as it leaves users with passwords they can never remeber. If you can't remeber then it has to be storedin an app or logged visually in a file. I'm face with this at work and on numerous other sites, but you are the last one I created an account with and I could not use my std password, so I'll likely need numerous password resets, which will just expose me or my password contrary to being secure. Why not allow long pass phrases instead, IE: "my mother wears blue dresses", "my dog likes to chase cars". M y understanding is that the smaller the passcode the easier it is for bruteforce attacks and bruteforece attacks don't have difficulties with mixed case, numerics... As an apache provider I know it is also easy to block bruteforce attacks(not sure w IIS). I'm not blaming you, but am faced day-to-day with secuiry people who don't understand from a users perspective and new password standards such as your own are a detriment to enforcing security. As I MUST now have a unique password for your site I MUST put it in a log file and I must expose it so I can look it up from other PC's Please forward this to whomever is responsilbe... PS: As a side comment, have you ever looked at OpenID? ** Affects: ubuntu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1007732 Title: Some confusion should be cleared !! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1007732/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
