# What is considered a "valid" password?



## Torin_Darkflight (Feb 26, 2009)

As everyone should do on a periodic basis, I am currently attempting to change my password on the FA mainsite. But, this endeavor wasn't without some difficulty. The problem I was having...the site appears to accept my new password when I change it. But, if I then attempt to login using the new password afterwards, it says it is incorrect. Even if I do a direct copy-and-paste of the password, it says it is the wrong password.

I eventually was able to generate a random password that does work, but it took several visits to the password reset utility to finally get to this point.

I am assuming this problem occurred because I am either using unsupported characters when creating my passwords, or the passwords I was trying to use are simply too long. I use a random password generator program to create passwords of random length. Usually, I have it set to generate passwords ranging from 64 to 2048 characters (But I can change this if needed). These generated passwords consist of every possible character that can be typed on a standard keyboard, including special symbols, but excluding symbols/characters that require ALT+Numberpad codes.

Considering the difficulty I was having, and its possible relation to how my passwords are constructed, I find myself needing to ask for future reference...exactly what set of characters are allowed in an FA password, and what are the minimum and maximum allowed password lengths? This information does not appear to be noted anywhere, neither on the forums or the mainsite.


----------



## DigitalMan (Feb 26, 2009)

... Overkill much? Holy hell...


----------



## Freehaven (Feb 27, 2009)

Jesus, I think you're just a bit too paranoid about security.  Nobody needs a 2000-character password for anything that isn't related to national security.  I mean, damn.


----------



## Torin_Darkflight (Feb 27, 2009)

Before anyone else decides to post more smartass comments, the purpose of this thread is to ask what characters and lengths are allowed in FA mainsite passwords. It is a technical question about what kinds of passwords are allowed/supported by the website's internal coding. It is not a soap box for discussing someones passwording habits.


----------



## Dragoneer (Feb 27, 2009)

Torin_Darkflight said:


> As everyone should do on a periodic basis, I am currently attempting to change my password on the FA mainsite...


http://www.microsoft.com/protect/yourself/password/checker.mspx

You don't need to have a long password to be secure (not that it hurts). My passwords range from 8 to 16 characters in length, and included mixed characters (upper, lower, number and symbol). Not all websites allow you to use a secure password (like Chase bank and American Express! FUCK YOU, GUYS!).

You just need to have a password that meets a good strength.


----------



## yak (Feb 27, 2009)

Torin_Darkflight said:


> Before anyone else decides to post more smartass comments, the purpose of this thread is to ask what characters and lengths are allowed in FA mainsite passwords. It is a technical question about what kinds of passwords are allowed/supported by the website's internal coding. It is not a soap box for discussing someones passwording habits.



In before you get too frustrated with replies 
Anything can be used as your password and the length is limited by common sense alone.


----------



## Waccoon (Feb 27, 2009)

Most passwords (on all web sites) are hashed from a relatively small set of characters.  A mixture of unusual characters will usually give you more security than a really long password full of standard letters, which is why people encourage using upper case letters and numbers.

64-2000 characters?  Whoa, now that's scary.


----------



## DigitalMan (Feb 27, 2009)

I think you take this way too seriously. And that's not even considering that this is just an art site.

Sometimes, simple is good. Livejournal implemented some restrictions (which I can't remember) a while back that forced me to change my password to something unfamiliar - and thus, I now have to essentially hack my own damn account (after which I will update the associated email address to one I still have). Thank god whatever I changed it to is still simple enough for me to do that, and not some random string no one could ever remember.


----------



## Firehazard (Feb 27, 2009)

Incidentally, the OP was asking why they were getting locked out of their account after changing their password.  So far, our chief coder and the owner of the site have both replied and yet at no point was this question adressed.


----------



## SnowFox (Feb 27, 2009)

Well yak would know better than me, but perhaps the passwords were a bit too long?
Looking at the source code from the control panel page

```
<input type="password" name="newpassword" value="" maxlength="150" class="textbox"/>
<input type="password" name="newpassword2" value="" maxlength="150" class="textbox"/>
```

If there's a maxlength specified on the page I would have thought there would be a restriction in the code too. However, if it was truncating the passwords to 150 characters I would have thought it would do this consistently and would still see it as a correct password :?


----------



## Felicia Mertallis (Feb 27, 2009)

You care waaay to much about the security of your furry porn.


----------



## Toaster (Feb 27, 2009)

MAKE STORIES NOT PORN! 

Dude, realy, a good 6 char password with random letters, numbers, etc is just as safe. Don't over kill it.


----------



## Armaetus (Feb 27, 2009)

I think 8 to 12 characters of mixed characters (numbers, letters, punctuation, etc) is best for FA,


----------

