First impression
I thought, in my first post I would write about “What this page is going to be about”, but as I was signing up for a WordPress account, I noticed something peculiar. So, I guess, the blog description can wait.
To avoid keeping track of different passwords for signup on any random site, I generally maintain 4 passwords with increasing levels of complexity. The password I use at any signup depends on what kind of data that site holds, e.g. any gaming or random website will have a level 1 password, level 2 for social networking, level 3 for mail accounts and level 4 for …umm…. well I rarely use them. (Bank account passwords have passwords on a different level.)
So here is what happens when I try to sign up for WordPress.
Try 1:
1. Use level 1 password.
hmm… It says that my password does not meet security guidelines, then why is it saying that my password is Strong? Let's try again.
Try 2:
Use level 2 password …. same result.
hmm…. so I will have to use a secure password here. I use this only for places I visit (at least) daily, and I am not sure I shall be so frequent here. Anyway, I use the password.
Voila!! I have a WordPress account. No issues. It is a popular site, so it's good that they press hard on security. An email has been sent to me with further instructions. So I check my mail, and …..
There it lies, staring at my face, a combination of letters I type so frequently, which I so often see in my head…. that's it… in my head. There lies my password in plain text for anyone standing behind me to see. They make me use one of my secure passwords and then they send it to me in plain text. What kind of policy is that!!!
Why would anyone want to see his password? If I forget it, you can give me an option of reset, set it to something random and send me that random word which I can change after logging in.
Maybe I am missing the bigger picture here, but to me it looks like a HUGE mistake. Please enlighten me or make WordPress more tolerant to weaker passwords.
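The reset flow suggested above (reset, send a random word, log in, change) can be sketched as follows. This is an added example, not WordPress code or the author's; the in-memory store, the function names, the 15-minute lifetime and the PBKDF2 parameters are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

USERS = {}          # constructed in-memory store: name -> record
TEMP_TTL = 15 * 60  # assumed lifetime of a temporary password (seconds)

def _now(now):
    return time.time() if now is None else now

def _hash(password, salt):
    # Only this salted digest is stored, so there is no plaintext to mail.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _store(name, password, temporary, now):
    salt = secrets.token_bytes(16)
    USERS[name] = {"salt": salt, "digest": _hash(password, salt),
                   "must_change": temporary,
                   "expires": _now(now) + TEMP_TTL if temporary else None}

def signup(name, password, now=None):
    _store(name, password, temporary=False, now=now)
    # The confirmation mail carries nothing secret.
    return f"Welcome {name}, your account is ready."

def reset(name, now=None):
    temp = secrets.token_urlsafe(12)      # the "random word"
    _store(name, temp, temporary=True, now=now)
    return temp                           # mailed to the user, short-lived

def login(name, password, now=None):
    rec = USERS.get(name)
    if rec is None:
        return "denied"
    candidate = _hash(password, rec["salt"])
    if not hmac.compare_digest(rec["digest"], candidate):
        return "denied"
    if rec["must_change"]:
        # A temporary password only unlocks the change-password step.
        return "denied" if _now(now) > rec["expires"] else "change_required"
    return "ok"

def change_password(name, old, new, now=None):
    if login(name, old, now) == "denied":
        return False
    _store(name, new, temporary=False, now=now)
    return True
```

Because `reset()` replaces the stored credential immediately, anyone who can trigger it can lock the owner out until the mail is read; a production flow would usually mail a single-use token first and leave the current password valid until the token is redeemed.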
February 11, 2008 at 6:24 pm
WordPress has rules for creating passwords (length, minimum number of numeric numbers, etc.). No matter how great your password is, it will not be accepted if it does not meet the minimum requirements. Furthermore, not everyone is good at remembering his or her password.
February 11, 2008 at 6:31 pm
@leafless
I know there are rules for password strength. My problem is something else:
1. Why is it rejecting my password even when it evaluates it as strong (see picture)?
2. Why is the password sent to me in plain text? If people can't remember theirs, I have suggested a way out for that also. Reset >> send >> login >> change