On 11/18/2014 06:34 AM, Jim wrote: > NoOp wrote: >> On 11/15/2014 02:01 PM, Jim wrote: >>> I am not expecting an answer to this question, as most of you can't get >>> to this web site. >>> >>> I am retired military and need to use many military web sites. The >>> military is paranoid about password security and requires users to >>> change their passwords every 90 days (and the requirements get ever more >>> complex). >>> >>> I use Keepass to generate passwords, and paste the passwords into the >>> proper boxes. Last week, I was told I need to change my password. One >>> requirement is that the password must be between 15 and 20 characters. >>> I set Keepass to generate a 20-character password and meet all the other >>> requirements. I had problems getting a password, that I could use to >>> log in. >>> >>> I found out, that in Seamonkey, when I pasted my 20-character password >>> into the box, it only showed 17 "password dots". (It was cutting off 3 >>> characters). >>> >>> When I successfully used IE, the boxes would hold 20 password dots. >>> >>> Any thoughts on this? >>> >>> TIA -- Jim >>> >> >> Don't know the answer to the maximum password length - I thought it was >> 256, you can file a bug report if you're only getting 17. >> >> Curious about which sites are requiring 20 char passwords - I use >> ebenefits.va.gov (portal to multiple sites), myhealth.va.gov etc., and >> have yet to find one that requires 20 chars or more. Biggest problem >> that I have with those sites are their security certificates are self >> issued and often are screwed up. >> >> >> > The sites are -- logging into the tricare portal through tricareonline, > and DoD Self-Service logon (https://www.dmdc.osd.mil/dsaccess/). These > two sites work together. When you're password expires, it sends you the > the second site to change your password. > > They don't require a 20 character password -- I think anything from 15 > to 20 characters is acceptable. -- I went to a smaller password than 20 > to solve the problem. Just brought this subject up for discussion -- > that's all. >
Yeah, I'm familiar with that site... Remember what I mentioned about certs? ==== www.dmdc.osd.mil uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer) ==== You need to make security exceptions for nearly all. BTW: try ebenefits.va.gov - you can link to 55 sites throught that portal, including your tricare. _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
