Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all, we have some important news to share. Please follow the link here to find out more!

https://www.boards.ie/discussion/2058419143/important-news/p1?new=1

What is the point in using your username to log in?

  • 24-05-2011 09:20PM
    #1
    Banned (with Prison Access) Posts: 2,449 ✭✭✭


    Why not just have a strong password and no entering of a username, your username just comes up?

    There is as little chance that someone will have the exact same properly chosen password as there is that they would have your username + password. Similarly, it would be just as secure, moreso in fact per keystroke.


«1

Comments

  • Registered Users, Registered Users 2 Posts: 4,879 ✭✭✭Coriolanus


    What would get displayed above "Registered User"?


  • Closed Accounts Posts: 20,739 ✭✭✭✭starbelgrade


    Why not just have a strong password and no entering of a username, your username just comes up?

    Let me guess... you're still using Internet Explorer.


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    Why not just have a strong password and no entering of a username, your username just comes up?

    There is as little chance that someone will have the exact same properly chosen password as there is that they would have your username + password. Similarly, it would be just as secure, moreso in fact per keystroke.

    Because two people could possibly use the same password. Pretty basic stuff.


  • Closed Accounts Posts: 12,806 ✭✭✭✭KeithM89_old


    There is as little chance that someone will have the exact same properly chosen password ...

    Well i hope no one else is using 'password' as their password....


  • Banned (with Prison Access) Posts: 2,449 ✭✭✭SuperInfinity


    Sinfonia wrote: »
    Because two people could possibly use the same password. Pretty basic stuff.

    But as I just stated, if the passwords are properly chosen then there would be as little chance of that happening as if two people had the exact same username + password.


  • Advertisement
  • Banned (with Prison Access) Posts: 2,449 ✭✭✭SuperInfinity


    Nevore wrote: »
    What would get displayed above "Registered User"?

    Your username still comes up, it's just contained within your password. Just like how you don't have to type what date you joined. I didn't answer this immediately because I didn't know what you meant.


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    But as I just stated, if the passwords are properly chosen then there would be as little chance of that happening as if two people had the exact same username + password.

    Two people can't have the same username, and that's the point.
    When registering, you will be told the username is unavailable if someone else has taken it.
    If you were told that somebody was already using the password you've tried to set up an account with, then you could just log in under their account.

    And to create suitably intricate passwords as you suggest, would be a pain for some people in terms of remembering it. UN/PW is easier and safer.


  • Registered Users, Registered Users 2 Posts: 3,332 ✭✭✭Guill


    It's just to waste your time OP.


  • Registered Users, Registered Users 2 Posts: 4,879 ✭✭✭Coriolanus


    But as I just stated, if the passwords are properly chosen then there would be as little chance of that happening as if two people had the exact same username + password.
    But since the Interweb Emancipation Act of 2001, people over the age of 35 have been using the internet. They don't understand things like "no, don't use your username as your password. Or the dogs name. No, mam, it's not a really good idea to use your credit card number either. Yes, I know random numbers and letters look hard, but you can write it down somewhere if you really need to. No, not on a piece of paper stuck to the monitor at your desk in the bank you work at."

    Edit:
    Your username still comes up, it's just contained within your password. Just like how you don't have to type what date you joined. I didn't answer this immediately because I didn't know what you meant.
    Yeah, I know. I was being facetious. :)


  • Registered Users, Registered Users 2 Posts: 11,554 ✭✭✭✭alwaysadub


    Just leave yourself logged in.
    Problem solved.


  • Advertisement
  • Banned (with Prison Access) Posts: 2,449 ✭✭✭SuperInfinity


    Sinfonia wrote: »
    Two people can't have the same username, and that's the point.

    lol, oh yeah. Ok I admit I forgot this. :rolleyes:

    Okay what if the first five letters of your password had to be unique? But I still maintain it wouldn't happen anyway, a few more keystrokes and it would very fast be as unlikely as if you typed someone's username and were guessing the passwords.
    Sinfonia wrote: »
    When registering, you will be told the username is unavailable if someone else has taken it.
    If you were told that somebody was already using the password you've tried to set up an account with, then you could just log in under their account.

    And to create suitably intricate passwords as you suggest, would be a pain for some people in terms of remembering it. UN/PW is easier and safer.

    I get tired of typing them in though. I'm not convinced it's easier (for a particular level of safety).


  • Registered Users, Registered Users 2 Posts: 11,647 ✭✭✭✭El Weirdo


    lol, oh yeah. Ok I admit I forgot this. :rolleyes:

    Okay what if the first five letters of your password had to be unique?
    I know, let's just leave it as it is, ok?
    I get tired of typing them in though. I'm not convinced it's easier.
    What sort of 1990s browser are you using that doesn't have autofill for your usernames?


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    lol, oh yeah. Ok I admit I forgot this. :rolleyes:

    Okay what if the first five letters of your password had to be unique?

    XD I admire your obduracy my good man.

    You should have chosen a shorter username :P


  • Closed Accounts Posts: 2,778 ✭✭✭Pauleta


    I think you should need a semen sample to log in


  • Registered Users, Registered Users 2 Posts: 24,278 ✭✭✭✭ejmaztec


    lol, oh yeah. Ok I admit I forgot this. :rolleyes:

    Okay what if the first five letters of your password had to be unique? But I still maintain it wouldn't happen anyway, a few more keystrokes and it would very fast be as unlikely as if you typed someone's username and were guessing the passwords.



    I get tired of typing them in though. I'm not convinced it's easier (for a particular level of safety).


    You could always solve this by not logging in at all.:p


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    Pauleta wrote: »
    I think you should need a semen sample to log in

    I would think semen samples are generally produced immediately before leaving a website :P


  • Registered Users, Registered Users 2 Posts: 5,848 ✭✭✭bleg


    If you type your password in here it comes up as ********* to other users.


  • Subscribers Posts: 16,773 ✭✭✭✭copacetic


    Pauleta wrote: »
    I think you should need a semen sample to log in

    Whose?


  • Registered Users, Registered Users 2 Posts: 3,141 ✭✭✭ocallagh


    Two important security features of a username:

    With just one password, you will never be able to associate a failed login attempt with an account.
    A username can safely be used as a unique identifier.


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    bleg wrote: »
    If you type your password in here it comes up as ********* to other users.

    blegisabiggay6969 omfgz it works!!


  • Advertisement
  • Closed Accounts Posts: 12,806 ✭✭✭✭KeithM89_old


    bleg wrote: »
    If you type your password in here it comes up as ********* to other users.

    'erectileDysfunction'



    Does it??
    :pac:


  • Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,767 CMod ✭✭✭✭Black Swan


    Pauleta wrote: »
    I think you should need a semen sample to log in
    What if you have more than one b/f? Have multiple accounts?


  • Registered Users, Registered Users 2 Posts: 4,983 ✭✭✭Red Hand


    Black Swan wrote: »
    What if you have more than one b/f? Have multiple accounts?

    And what if you were a heterosexual male and didn't have a boyfriend? Log in with an egg?


  • Registered Users, Registered Users 2 Posts: 3,854 ✭✭✭Sinfonia


    And what if you were a heterosexual male and didn't have a boyfriend? Log in with an egg?

    Look down.


  • Closed Accounts Posts: 4,080 ✭✭✭foxinsox


    Nevore wrote: »
    But since the Interweb Emancipation Act of 2001, people over the age of 35 have been using the internet. They don't understand things like "no, don't use your username as your password. Or the dogs name. No, mam, it's not a really good idea to use your credit card number either. Yes, I know random numbers and letters look hard, but you can write it down somewhere if you really need to. No, not on a piece of paper stuck to the monitor at your desk in the bank you work at."

    But since the Internet was invented by people who are over 35 now, the Information Super Highway Emancipation Act of 1969, code III Sub. IV states that people under the age of 35 cannot make such vast generalisations as their generalisations may deem to be biased towards their experience only with their ma.

    http://en.wikipedia.org/wiki/Timeline_of_popular_Internet_services

    :)


  • Registered Users, Registered Users 2 Posts: 35,522 ✭✭✭✭Gordon


    But as I just stated, if the passwords are properly chosen then there would be as little chance of that happening
    Ah if only the world was perfect.


  • Closed Accounts Posts: 18,163 ✭✭✭✭Liam Byrne


    But as I just stated, if the passwords are properly chosen then there would be as little chance of that happening as if two people had the exact same username + password.

    You're dealing with the public....you can't rely on stuff like that.


  • Closed Accounts Posts: 17,689 ✭✭✭✭OutlawPete


    OP, if you were able to do that from tomorrow, then the password you would choose, would most likely have to be so complex (must contain ten charters, four digits and a ex girlfriend's phone number) that it would take you just as long to type it in, as it does now to type in both.


  • Registered Users, Registered Users 2 Posts: 2,370 ✭✭✭Knasher


    Okay what if the first five letters of your password had to be unique?

    That's equivalent to putting a limit of 5 letters to user names. It's safe enough then but you haven't really saved anything by doing it and you have put an upper limit on the number of registered users.

    Just to be exact, if you only allow letters and numbers you would be limiting yourself to 376992 users only. (and to take it a little further, boards passed that number in September last year)


  • Advertisement
  • Closed Accounts Posts: 1,462 ✭✭✭red menace


    “Before I broke into the IT racket,” Scott Simons writes, “I was a front-line Customer Service Rep. At the time, the procedure for logging into our service management system was a bit puzzling.”
    “Like many organizations, your User ID was assigned by the company, but you had to choose your own password. But instead of having a screen to do that, you had to fill out a Password Request Form and fax it corporate headquarters. And then things got strange.
    “There was a 50/50 chance that corporate would reject your password. There was no rhyme or reason, such as not having enough numeric characters, or anything like that. It was just a simple notice, sent back via fax: Your password was not created. Please choose a different password.
    “Actually, their rejection messages weren’t always so simple. I decided to change my password one day to something more secure – two mixed-case passwords with numbers and special characters – but IT rejected it because they couldn’t read my handwriting. I typed out my secure password and then refaxed it. They responded that they changed my password... but not to what I picked: they just randomly chose some word, like frequency. Evidently they were tired of dealing with me.

    “And then, one day, everything clicked. I became enlightened when I mistakenly typed in a password that I had unsuccessfully requested at one time in the past: instead of a invalid credentials message, I found myself logged in as a completely different user.
    “A little testing (at other people’s workstations, just in case) confirmed my incredible suspicion: the User ID field on the login screen was a dummy. The login script looked only at the password field, comparing it to the list of passwords; if it matched, you were logged in as the user who owned that password, regardless of what User ID you had entered into the screen. The reason that passwords were sometimes rejected was simply that each user had to have a unique password for this ‘security’ scheme to work.
    “I guess you could call it could call it fake one-factor authentication? Or half-factor authentication?
    “After playing around a bit more, it was really easy to find some poorly-thought out passwords that belonged to users with much more powerful system permissions than mine. I believe one of them was a sales manager in Boston, who was apparently fond of kittens.
    “I never chose to wreak any havoc with this knowledge – or even share this crazy scheme with my coworkers – but I’m glad I can finally tell someone about it today.

    I also work in IT and I know people are using the most retarded passwords ever
    My current password is touching 30 characters long, it sometimes takes me more than one attempt to get it right


Advertisement