• Welcome to Schweb's Lounge

    In addition to the Mac-Forums Community Guidelines, there are a few things you should pay attention to while in The Lounge.

    Lounge Rules
    • If your post belongs in a different forum, please post it there.
    • While this area is for off-topic conversations, that doesn't mean that every conversation will be permitted. The moderators will, at their sole discretion, close or delete any threads which do not serve a beneficial purpose to the community.

    Understand that while The Lounge is here as a place to relax and discuss random topics, that doesn't mean we will allow any topic. Topics which are inflammatory, hurtful, or otherwise clash with our Mac-Forums Community Guidelines will be removed.
  • Welcome to the new Mac-Forums. See News and Community Announcements for more details.

[humor] The Password Nightmare

Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
I've tagged this post as "humor" because in the past some of the more dour members of this forum have failed to recognize my previous and admittedly feeble attempts at being funny. I've also posted this in Schweb's Lounge as another hint that it's not to be taken too seriously.

1Password keeps nagging me about the fact that they have detected over 900 passwords and websites that need my attention:

CIMG2916.jpg

I find this task to be tedious, boring and incredibly maddening. How did the IT world let us get into this mess in the first place?

I only have sufficient patience to work on this for about an hour at a time and no more than once a week. This morning I spent an hour and only managed to clear about ten problems. If I continue to do ten per week (not likely) it will take me nearly two years to finish.

The problems that crop up are wondrously varied. In some cases the 1Password entry is outdated and when I attempt to change the password the website informs me that I've entered the wrong "old" password. Sometimes I can find the correct old password in my Keychain. I try to be diligent in keeping 1Password up to date when I use a Safari suggested password, but clearly I have not been diligent enough. In come cases I have to go through the tedious and failure-prone "lost password" procedure.

Sometimes the website presents one of those confusing captcha puzzles. These baffle me. Is the pole which supports a traffic signal part of the signal? Is that scrap of white at the corner of the square part of the pedestrian crossing or just a photographic artifact? I usually require multiple attempts to solve the captcha puzzle. (I've never been much good at puzzles.)

In other cases the Safari generated password is insufficiently complex. For example, my web hosting company rejected the following:

byrrEj-fyrvah-docfy7

I feel comfortable posting it here because I didn't use it and hope that Safari will not generate this same password for someone else. In this case I ended up using 1Password's password generator to create a password that is 22 characters long. It had to be that big for the website to accept it.

In some cases the subject website is long gone so I can safely just delete the 1Password entry. (Remember Northwest Airlines?)

I've written this mainly to vent my frustration. I feel better now.
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
41,956
Reaction score
661
Points
113
Location
U.S.
Your Mac's Specs
2011 17" MBP 2.2ghz, 16gig ram, OS 10.11.6
(Remember Northwest Airlines?)
Ohh yes. I used to fly to Asia on Northwest.:)

Still have my frequent flyer card around here somewhere! Lol

- Nick
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
Ohh yes. I used to fly to Asia on Northwest.:)
They were quite good. I lived on Saipan for many years. NW had direct flights to Tokyo and then on to Asia. For many years flying Saipan to Bangkok involved an overnight stay at Narita. NW put you up in their crew hotel, the Raddison, and give you two free meals to boot. Back when it was fun to fly….

More follies:

On the Bombich Software page (Carbon Copy Cloner) I logged in with the password copied from my Keychain. But, when I went to the change password page it told me that my "old" password was wrong. How could it be right when I logged in but wrong when I want to change my password? I've submitted a support request.

On the Divers Alert Network page I searched high and low for the password change section. Never found it. I've sent email asking where it is.
 
Last edited:
Joined
Oct 16, 2010
Messages
13,205
Reaction score
204
Points
63
Location
Brentwood Bay, BC, Canada
Back when it was fun to fly….

And you didn't even need any password to login and confirm your flight... ;-)

PS: Thanks for the humorous post except for the fact it's mostly true.



- Patrick
======
 

RavingMac

Well-known member
Staff member
Moderator
Joined
Jan 7, 2008
Messages
8,237
Reaction score
219
Points
63
Location
In Denial
Your Mac's Specs
16Gb Mac Mini 2018, 15" MacBook Pro 2012 1 TB SSD
I used to hope passwords would disappear when biometrics was 1st being talked about, then we got fingerprint scanners and realized they were worse than passwords.
Unless I update my fingerprints on a regular basis, Touch ID quickly becomes useless on my iOS devices (it was even worse at work before I retired). Apparently I was destined to be an International Jewel Thief, not only are my prints difficult to read, but they seem to change constantly . . .

Anyway, that is my vent, plus I also remember NWA and TWA FWIW
 

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
15,134
Reaction score
317
Points
83
Location
North Louisiana, USA
Your Mac's Specs
2.8 GHz 2008 MacBook Pro 10.11, 8 GB mem, iPhone XS, 2015 iMac 16 GB 10.15.5 beta
Hated to see TWA depart. I was flying between home and Iowa on a regular basis at the time. The flight usually ran through St. Luis which wasn't a bad airport as far as being manageable for me. Over time the flights started running through DFW which is a much larger airport physically and can be difficult to navigate if your flight only has say an hour or ao before the connecting flight leaves.

Heck, I wasn't a big fan of the name change from Pan Am.
 

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
60,421
Reaction score
752
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 7+, iPhone 8, iPhone 11, Numerous iPods, Catalina
I used to work for TWA out of their Hq at JFK airport in New York. It was one of those times between enlistments in the USAF. Not a bad job but the commute from our apartment out on Long Island to JFK was a nightmare. BTW, the TWA Hq was right across the way from the Pan Am Hq building at JFK.
 
Joined
Oct 16, 2010
Messages
13,205
Reaction score
204
Points
63
Location
Brentwood Bay, BC, Canada
In other cases the Safari generated password is insufficiently complex. For example, my web hosting company rejected the following:
byrrEj-fyrvah-docfy7

Hmmm...??? And yet when it's used to test at a password checker site produces...

CIMG2915.jpg

I guess your web hosting company is playing things super safe!!!!



- Patrick
======
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
12,659
Reaction score
302
Points
83
Location
MA
Your Mac's Specs
2018 Mac-Mini macOS Catalina 10.15.5, 32 GB
The ironic thing is that some websites that are MEANT to have strong security don't because of poor website design (and designers). That isn't to blame the intention of strong security, it's just that some people do it very poorly and aid in frustration of people.
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
Hmmm...??? And yet when it's used to test at a password checker site produces...
I guess your web hosting company is playing things super safe!!!!
I guess. The site didn't say exactly why the password failed their test. It might have been because of the hyphens. The password generated by 1Password is letters and numbers only.
 
Joined
Jan 1, 2009
Messages
8,009
Reaction score
133
Points
63
Location
Winchester, VA
Your Mac's Specs
MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
They may also require a symbol from a set they prefer, such as #$%&* etc, and not "-".
 
Joined
Oct 16, 2010
Messages
13,205
Reaction score
204
Points
63
Location
Brentwood Bay, BC, Canada
I guess. The site didn't say exactly why the password failed their test. It might have been because of the hyphens.

Hmmm... yet I have been led to believe that using such characters increases the value and cracking time.

More likey due to some lazy incompetent programmer at the particular site and attempting on protecting his a** and doesn't know any better!!!



- Patrick
======
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
They may also require a symbol from a set they prefer, such as #$%&* etc, and not "-".
This is what their website says:

Tips for a good password
Use both upper and lowercase characters
Include at least one symbol (# $ ! % & etc...)
Don't use dictionary words
I guess a hyphen doesn't count as a "symbol" because, otherwise, the Safari generated password looks like it complies.

The password that was accepted has numbers, upper and lower case characters and a single "@".
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
More Follies:

Bombich (Carbon Copy Cloner) support suggested that since I couldn't change my password on their site I should use the "forgot password" procedure. I did that and used the Safari suggested password. I told Safari to replace the existing password with the new one. Then I went in to the Keychain to copy the new password so I could paste it into 1Password. But, it wasn't there! Safari failed to update the Keychain. So, now I have no record of the new password.

It's little things like this that make the whole fix-your-passwords process and exercise in frustration.
 
Joined
Jan 1, 2009
Messages
8,009
Reaction score
133
Points
63
Location
Winchester, VA
Your Mac's Specs
MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
This is what their website says:



I guess a hyphen doesn't count as a "symbol" because, otherwise, the Safari generated password looks like it complies.

The password that was accepted has numbers, upper and lower case characters and a single "@".
I think that hyphen in the display is not actually part of the password, it's there for us humans to be able to maybe remember the password. Three sets of 6 is much easier than 18 with no breaks. I seem to remember copying a Safari password from the keychain to 1password and it came without the hyphen. (Or maybe I just imagined it, it's been a while.)
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
I still can't figure out just when 1Password is able to detect that you're updating a password. Sometimes when I change a password both 1Password and the Keychain recognize the fact and ask me if I want to update the current entry or add a new one. But, sometimes 1Password seems oblivious. And, as the Bombich Incident shows, sometimes the Keychain doesn't get updated and there's no way to find out just what password Safari suggested.
 
Joined
Mar 11, 2019
Messages
461
Reaction score
4
Points
18
I think that hyphen in the display is not actually part of the password, it's there for us humans to be able to maybe remember the password. Three sets of 6 is much easier than 18 with no breaks. I seem to remember copying a Safari password from the keychain to 1password and it came without the hyphen. (Or maybe I just imagined it, it's been a while.)
I just looked at a recently updated password. The hyphens are there in both the Keychain and 1Password entries.

aaaaAa-aaaan-aaaaa

So, one upper case character, two "symbols" and one numeric.
 
Joined
Jan 1, 2009
Messages
8,009
Reaction score
133
Points
63
Location
Winchester, VA
Your Mac's Specs
MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
But not one of the "approved" symbols.
 
Joined
Oct 16, 2010
Messages
13,205
Reaction score
204
Points
63
Location
Brentwood Bay, BC, Canada
aaaaAa-aaaan-aaaaa

So, one upper case character, two "symbols" and one numeric.

Really...??? I guess I missed it but maybe that's due to the new hearing-aids I just got fitted with today....!!! :Smirk:

Maybe it's automatically hidden... sort of as an extra swcurity measure...???


- Patrick
======
 
Top