• ACTION REQUIRED: ipage Password Requirements

    From August Abolins@2:221/360 to All on Thu Sep 24 17:09:51 2020
    The folks at iPage are still pestering me:

    ACTION REQUIRED: ipage Password Requirements

    [1]
    Password Requirements
    (Action Required)
    - 8 character minimum (New as of 6/25! reduced from 16 character)
    - Contains one upper case letter, one lower case letter, and one digit
    - Does not match previous 10 passwords
    - Does not contain the user’s first name, last name, or ipage User ID

    [2]
    Security Questions and Answers
    (Action Required)
    5 questions will be provided. Choose two questions and establish
    answers for both.
    Answer Requirements:
    - Minimum of 3 characters
    - Cannot duplicate questions or answers
    - Cannot contain User ID, email
    - Cannot match password

    [3]
    Password Expiration
    (For your information) Passwords expire after 365 days
    - Users will receive a reminder email 14 days prior to expiration:


    Regarding [1] above, the existing pw is already 8-char and meets the upper/lowercase and numerical requirements. It hasn't changed since
    I joined many years ago, so I assume the "action required" refers to
    the 365 day expiration, item [3].

    The pw is already quite cryptic (no actual words), so the
    requirement to change it is irksome. Studies have shown that
    changing a password does not improve security. The onus of security
    ought to lie on the server side with encrypted databases - which no
    one seems to implement.

    WRT [1] above, all I'm encouraged to do is simply add the same last
    character to my pw, save it, and move on for another 365 days. It's
    easier to remember the same last character than dreaming up a new
    pw. :)

    At least I don't have to change the stupid [2] requirements every year.


    --

    --- TB(Stealth)/Win7
    * Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360.0)