Lyle,
I know quite a bit on IT security, do not know whether the forum a password complexity capabilities. 8 really should be sufficient, as long as you
- have atleast one capapital
- 1 numeric (ideally not at the end of the password but somewhere else) e.g. password1 is bad, pass1word is better, although still stupid, but you get the point.
- 1 special character (%$#&() etc.)
- prevent using existing wording.
If it is possible to lock the account after x attempt for x amount of time, that also helps.
regards,
Ivo
Logged on early this morning to find multiple SPAM postings.
A group of spammers had managed to get into our system by breaking exisitng users passwords. The spammers did not enter new topics or threads, instead modified existing ones.
Callum & Pete's passwords were the most vunerable, I have spoken with Callum and Pete this morning.
Please can everybody ensure that their password is alpha-numeric and at least 10 characters long - ideally 12?