Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: The Help Thread

  1. #11
    Join Date
    Feb 2011
    Location
    Prince George, British Columbia
    Posts
    261

    Default Password recovery issues

    I am having some very frustrating issues with password recovery. In trying to login on a different machine than i usually use, i forgot my password so i used the "forgot password" function, had a temporary password sent to my email, but when i try to change the password to something that i am confident that i'll remember, i get an error (something about incorrect or non-matching information). Therefore, i am not able to fix the problem. It is very frustrating having to ask for a new password every da. Any ideas?

  2. #12

    Default

    Ask TLDTR - he should be able to help.

  3. #13

    Default

    Bill requested a new "permanent" password by Private Message so I've set one for him so he should be up-and running.

    As for the cause of the problem I'm going to contact David to find out what the problem is and how it can be fixed.
    Fender 2012 American Standard Precision Bass (Left-handed)
    Fender '59 Bassman LTD.









  4. #14
    Join Date
    Feb 2011
    Location
    Prince George, British Columbia
    Posts
    261

    Default

    Thank you for your help, guys. If the script gets modified to change our passwords on our own I will be sure to be more careful next time.

  5. #15

    Default

    No problem !

    For the people following the progress on this bug,
    I think I've pinned-down the problem but I'll need to wait for TLD to make sure this actually solves the problem. Basically there is something that needs to be done on the server end and I have no access to it.

    As for the passwords in general, a few tips :

    - NEVER use the same password twice (if one get's compromised the bad folks can login to all your other accounts which is a bad thing)

    And I advise to use a password manager, now I have one build into my PIM (Personal Information Manager) software, but there are many others that do just the password-storing and strong password generation.

    There are several commercial Password manager but you can also get Keepass (www.keepass.info) which is a free program so you don't need to pay anything.

    Just make sure you remember the password on the Keepass database and you can forget all other passwords
    Fender 2012 American Standard Precision Bass (Left-handed)
    Fender '59 Bassman LTD.









  6. #16

    Default

    Patrick,
    I assume since you have recommended Keepass that it is safe to use. No chance the people that offer this program free could steal the passwords. Anything that is FREE worries me when it comes to computer programs. Just wondering!!!
    Always remember to enjoy where you're at on the way to where you're going!!!

  7. #17

    Default

    Well Keepass is what we call FOSS (Free and Open Source Software) and the license is what we call GPL (Gnu Public License).
    You can read the whole License here : http://www.gnu.org/licenses/gpl.html

    What does this mean ?
    Software that is released under this license is completely free (free in the form of "Free Beer" and "Free Speach"). Everybody is allowed to take the source code (this should be available on the site to comply to the GPL License) and modify it to their needs.

    Now since this code is open to everyone to see it can be considered safer because if they put in a "backdoor" or "trojan" it would be quickly discovered by others.

    The database it uses is encrypted and you can set various keys (for example you can have a password and somekind of hardware that needs to be connected in order to open the database).

    Can the database encryption be cracked ? Probably but that's the case for all encryptions. The encryption used is Rijndael (AES) (I think it's an algorithm created by a university in the Netherlands but I can be wrong so don't pin me down on that). AES is at this moment one of the best encryption algorithms and it's also used by many commercial programs.

    I have used this tool for a long time myself (on Linux it's called KeepassX, and I think it's default in the Debian GNU/Linux repositories and if it's available in Debian's repo's it is safe to say that this program is safe to use).

    Now that my PIM has a build-in password manager I switched to that one so it's one less program to start during startup of the computer (makes it boot a bit faster).

    One of the other advantages is that they have a "portable" version you can put on a USB stick to take with you and the database remains encrypted so even if you loose the USB stick there is no real risk of compromising your passwords (unless you have set a very simple/easy password but in that case every password manager is no good).

    Another advantage is that you can set a max. time for a password to remain on the "clipboard" (I think it's 12 seconds by default).
    What does this mean you ask ?
    Well, let's say you want to login here :
    1. you go to http://www.thunderrow.com
    2. you open Keepass
    3. You select your TR username (copy to clipboard option at the top or by right-click)
    4. You switch screen to your browser and paste the username in the username field
    5. you do the same for the password.

    After 12 seconds (or the time you have set) the username or password is removed from the clipboard so you don't risk it being kept there (if you just do copy & paste the password will remain on the clipboard until you put something else on the clipboard so it's less safe).

    But to answer your question,
    Keepass has been around for a while and I've used it myself for a while so I'm pretty confident to say it's safe.

    But if you really don't trust it there are also companies like Steganos that have commercial password managers (the Steganos password manager for example costs around 16USD which is a fair price I guess since most of these tools will cost something around 19.99 USD).

    Hope this provides some information
    Fender 2012 American Standard Precision Bass (Left-handed)
    Fender '59 Bassman LTD.









  8. #18

    Default

    Yes, you provided a lot of information and I feel a lot better about using this program now. Thanks for your assistance!!!
    Always remember to enjoy where you're at on the way to where you're going!!!

  9. #19

    Default

    No Problem !

    The "Free" part of Free Software confuses a lot of people. Many think that if it's "Free" (as in Free Beer) it cannot be good quality software.

    But if you look at some examples :

    - Firefox (this is not exactly 100% GPL Compliant but it's Free Software under the Mozilla License)
    - Thunderbird (Mozilla e-Mail client)
    - OpenOffice.org (not that the .org part is part of the name since "Open Office" is a company (this is the basis for Sun's Star Office which includes some Word Perfect compatible code that cannot be included in the free version due to license issues).
    - ...

    Firefox is seen as a much better alternative than Internet Explorer (but I personally Prefer Opera which is also free). Even a Microsoft developer once said that they used Firefox at Microsoft and not IE

    Thunderbird is a popular e-Mail client and IMHO Safer then Outlook / Outlook Express

    OpenOffice.org is able to read and write Microsoft Office documents

    Linux is more stable, faster and free. But it's more complicated to install and use (Linux became a lot easier since 2004, and Ubuntu is doing good) especially Debian GNU/Linux (Debian is one of the 4 first distributions of Linux and it's considered (by me ;-)) and "The Biggest and the Best" (the most software you can install by default). But Debian is also considered to be for Geeks so I will probably never advise anyone here to use it (but there are a lot of other distro's that are based on Debian and that is what makes Linux so great, there is choice and each selects what they find the best for them).

    Now to be honnest I'm using Windows 7 now (which is much better than Vista) Because some of the software I "need" is not available for Linux, but If I had the choice I would be running Linux for sure.
    Fender 2012 American Standard Precision Bass (Left-handed)
    Fender '59 Bassman LTD.









  10. #20

    Default email trouble!

    The email address I used when creating my account has went kuckoo, and I'd like to update it, but I keep getting the "password does not match the current one" error. I don't wanna change the password, but even when I try it that way I still get the error.

    Any advice? Am I just missing something?

Similar Threads

  1. A little thread of introduction
    By Nicki in forum Introduce Yourself
    Replies: 12
    Last Post: 06-28-2012, 08:04 AM
  2. Article: Thread Starter: When? Where? Who?
    By david in forum Thunder Row
    Replies: 4
    Last Post: 11-15-2011, 06:48 AM
  3. Finally Starting A Thread, No Really!
    By wmckinney311 in forum Introduce Yourself
    Replies: 6
    Last Post: 03-18-2011, 12:20 PM
  4. Test Thread
    By TLDTR in forum Announcements and Admin
    Replies: 9
    Last Post: 10-21-2010, 09:00 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •