VATUSA Forums
General => General Discussion => Topic started by: Brandon Bartell on January 09, 2009, 05:44:57 PM
-
We are using our VATSIM password more and more on this website.... is there any chance we can change the member login to use our vatsim password as well.
-
We are using our VATSIM password more and more on this website.... is there any chance we can change the member login to use our vatsim password as well.
You could just change your password to your VATSIM password
-
You could just change your password to your VATSIM password
Good Point
-
A little off topic, but does anybody know how to change you Vatsim password?
-
A little off topic, but does anybody know how to change you Vatsim password?
It depends what you mean by change.
If you mean "I want to change my password to be "cool-pilot7" or indeed any other alphanumeric combination of choice then you are out of luck.
On specific occassions, such as a security compromise, it is possible to have a password reset by the VATSIM Membership team. They can be contacted at www.vatsim.net/mememail.php
-
Quick question.
Seeing that we have all of the ARTCCs here, should we not add the CERAPs in to their respective region? The San Juan and Guam CERAPs don't have anything here, unless we want them included in ZOA and ZNY/ZMA's forums.
BL.
-
What is the reason we are not allowed to change our PW?
It depends what you mean by change.
If you mean "I want to change my password to be "cool-pilot7" or indeed any other alphanumeric combination of choice then you are out of luck.
On specific occassions, such as a security compromise, it is possible to have a password reset by the VATSIM Membership team. They can be contacted at www.vatsim.net/mememail.php
-
What is the reason we are not allowed to change our PW?
Some people would choose very silly, or easily guessed combinations (for example 1234).
Unless somebody with access looks up your password (of which there are only a few people who can, and this is recorded) , the only person who knows what it is, is you. In our environment you can't get much more safe than that.
-
That is easily prevented with RegEx.
My current PW assigned by the system is easier to guess than what I would make it.
Some people would choose very silly, or easily guessed combinations (for example 1234).
Unless somebody with access looks up your password (of which there are only a few people who can, and this is recorded) , the only person who knows what it is, is you. In our environment you can't get much more safe than that.
-
This makes sense.
Having a numeric password given to your by VATSIM and being unable to change it greatly increases security. At least I think so, I'm no computer wiz, so I don't know if it is easy to hack someone's account or something like that.
-
Actually, by keeping it static and never changing it makes it less secure.
This makes sense.
Having a numeric password given to your by VATSIM and being unable to change it greatly increases security. At least I think so, I'm no computer wiz, so I don't know if it is easy to hack someone's account or something like that.
-
It isn't going to change, so there's no point in debating it
-
You seem to use that reply with a lot of things, and things do change...
There is a reason why they created SOX audits for companies, and they do have good security suggestions.
And since our CID is published everywhere, that is half of our information in plain sight. Brute forcing a system generated PW would not be difficult.
It isn't going to change, so there's no point in debating it
-
You seem to use that reply with a lot of things, and things do change...
There is a reason why they created SOX audits for companies, and they do have good security suggestions.
And since our CID is published everywhere, that is half of our information in plain sight. Brute forcing a system generated PW would not be difficult.
Don't go under the misunderstanding that all passwords are 6 numbers. Even using brute force isn't the solution since VATSIM uses other measures to check people's connection.
-
Don't go under the misunderstanding that all passwords are 6 numbers. Even using brute force isn't the solution since VATSIM uses other measures to check people's connection.
Actually the main reason for not changing passwords has to do with the FSD network architecture. The way the FSD servers receive the member account and password ensures that members never have downtime. The passwords are encrypted and sent to the servers along with any rating changes usually once or twice per day.
Yes, I know, there are more advanced ways of managing this, but until a developer decides to take the task on it isn't happening.
Richard Jenkins
-
Yes, I know, there are more advanced ways of managing this, but until a developer decides to take the task on it isn't happening.
Makes me wish I knew how to write asynchronous multi-threaded server code so I could offer to help. One day, maybe.
Cheers!
Luke