Keep having to change passwords for the forum and had to do yesterday as password was 30 days old! Bit of a pain and done several times now.

PITA but at least it lets you change it to the same password you were using before.

I’ll look at disabling this now we use https.


Sent from my iPhone using Tapatalk

Oh that would be amazing. It is such a faf whe you have to keep updating it.

Any update on this?

The boss is getting old and possibly forgot as i also forgot my password

No biggie changing your password every month is it....!?! At least you can use the same password......


Sent from my iPhone using Tapatalk

Sorry guys, going to leave this as is, helps stop spam bots.

Spambot has been taken what a bummer lol

Spambot has been taken what a bummer lol

has it lol? never checked that one :roflmao:

I agree that this is a complete pain. I am only an occasional user of this forum and it seems that I have to change my password almost every time I use it.

The idea that regular enforced password changes are desirable is now largely discredited. See for example https://www.ncsc.gov.uk/blog-post/problems-forcing-regular-password-expiry

What is far more important is to have a different strong password for every site, which means in practice using a password manager. If every site I used had a similar policy to this forum I would be faced with changing passwords somewhere or other more or less every day.

It's not as if this site has a particularly strong security requirement. It's a support site. Anybody can get an account, and accounts don't have anything worth stealing. There's very little to be gained by breaking into somebody else's account.

Please, can't we get rid of this password expiry policy?

There is quite a bit to be gained by hacking an account. For example some forum users sell satellite related items on the forum - a hacker could list an item for sale using a trusted account and disappear with the money. this happens on forums across the web on a regular basis.

There is quite a bit to be gained by hacking an account. For example some forum users sell satellite related items on the forum - a hacker could list an item for sale using a trusted account and disappear with the money. this happens on forums across the web on a regular basis.

Well maybe, but I don't really see how it helps to make me change a perfectly good password. Either I keep it secure or I don't. If somebody hacks my password manager, they will get the current password regardless of how old it is. If somebody is in the habit of choosing weak passwords, they will do so regardless of how often they have to change it.

Making people change passwords too frequently simply makes it more likely that they will store it insecurely, or use a predictable sequence or some such. It may have been a good idea back in the days when passwords were sent over the network in the clear, but those days are long gone.

In my experience, very few sites now enforce regular password changes - certainly nowhere near as frequently as this forum.

just use the same and no problems .Simply severall clicks and oke

just use the same and no problems .Simply severall clicks and oke

Oh. It didn't occur to me that I would be able to "change" it to the same as it was! That seems truly perverse.