Seriously PayPal? I generate a secure 20 character password and I’m not allowed to paste it in? (I used the inspector to hack in the value anyway.)
This post is part of the thread: Passwords – an ongoing story on this site. View the thread timeline for more context on this post.
Gotta love it. Not allowing you to paste it in is a whole new low.
I recently went through making sure all my accounts were using tougher passwords (and unique) as well. The array of bad policies out there is enough to make even an average developer cry. It’s everything from not allowing enough characters, to not allowing special characters, to you name it.
I’ve seen you have had your dislikes about it, but for what it’s worth, I’m a long time user of 1Password and generally find it to be the best solution I’ve found. I started having too many issues with the hash generating algorithms in terms of bad password policies, so I moved away from them.
When I was with WP HelpCenter, I actually wrote a web-app that would generate passwords based on the different hosting providers requirements (GoDaddy has different policies based on whether it’s a MySQL password or a GoDaddy account password, and MediaTemple has different ones for SSH vs other types of their own accounts). So you could select the service provider / type of account and it altered its algorithm in order to generate the most secure password it could for them. That’s not really sustainable in the broader context of a user with so many different needs (e.g. email, banking, pizza, etc), but it was sustainable for our needs at the time with the few types of accounts we had to generate passwords for.
I’m using 1Password now – check the recent posts in the thread. 🙂
Seriously PayPal? I generate a secure 20 character… http://t.co/EQOOx2fkwO
Yeah, I was aware. Mainly mentioning it to say I haven’t seen a better solution that deals with any of the pieces you don’t like about it.
I inspector-hacked in a value in an online ordering form the other day and at least they validated it was too long before they stored it …. cmon PayPal.