Today when checking my email, I got a 'too many login attempts' email that said I was required to reset my password. Well, at least they're looking out... I have a password manager. It does not store anything in 'the cloud', so it would be highly unlikely to be breached (<cough>lastpass<cough>). It also generates long random passwords. As I chose over 20 characters for mine, I was not in any danger of getting hacked this century. Unnecessary and annoying, but a few clicks later it was changed.
BUT... security professionals have done studies that show forcing a password reset, when there was no breach, either periodically or otherwise, is actually likely to end up in an easier to crack password. This policy should be looked at and changing it should be seriously considered. At the very least, the reset notice should include an exhortation to use long, random passwords when resetting.
And anyone reading this who doesn't use a password manager... please seriously consider it. Passwords you can easily remember can also be easy to guess. Long, random character passwords are very hard to 'crack'... and very hard to remember. Password managers remember them for you, and make them easier to enter wherever you log in. Your games are 'only' worth all the time you've put into them. Your bank accounts, credit accounts, merchant accounts... are worth your life savings. I know LastPass has soured a lot of people on password managers, but there are better ones out there. I use an offline password manager called KeePass (free and open source, but not as easy to use as commercial cloud managers). If you must have your passwords in the cloud, BitWarden (also open source and free for most personal needs) is recommended by many security professionals.
***DISCLAIMER: I ain't recommendin' nuthin! (...except that you protect your accounts by using a random password generator.)