Suggestion: Passworded forum replacement

Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here.
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Post Reply
parry60
Registered User
Posts: 5
Joined: Fri May 09, 2003 9:00 pm

Suggestion: Passworded forum replacement

Post by parry60 »

Typing in a password to get to a certain forum can get quite repetitive, especially if you jump around to different forums, right?
Well, here's my idea.
Instead of having password-protected forums, you should have password-protected usergroups. This way, to join a usergroup, you must enter a password, and then that usergroup could have permissions to access the passworded forum.
-----BEGIN GEEK CODE BLOCK-----
GCS d- s:- a---- C++++ UL++++ P+ L+++ E- W+++ N+ o K+ w---
O- M+ V-- PS+++ PE-- Y+ PGP t 5 X R tv-- b++ DI+ D+
G e-- h! r-- y
------END GEEK CODE BLOCK------
Sheps
Registered User
Posts: 15
Joined: Fri Dec 21, 2001 1:05 am
Location: Canada
Contact:

Re: Suggestion: Passworded forum replacement

Post by Sheps »

I like the idea of the password protected forum
Sheps

http://www.sheppard-design.com
webmaster@sheppard-design.com

"Divine intervention is unlikely"
Linkooseven
Registered User
Posts: 18
Joined: Fri Apr 25, 2003 8:26 pm
Location: Michigan
Contact:

Re: Suggestion: Passworded forum replacement

Post by Linkooseven »

I like the Passworded forum...

But you should be posting suggestions etc at the Tracker--located at SourgeForge.
Image
hmueller
Registered User
Posts: 16
Joined: Thu Feb 27, 2003 6:46 pm

Re: Suggestion: Passworded forum replacement

Post by hmueller »

Hello,

by they way - is it planned to include a "wrong password error" in 2.2 (i mean: three times the wrong password --> auto-ban for the next 24 hours or so)???
Best regards,

Hans
Heimidal
Registered User
Posts: 53
Joined: Fri Jul 06, 2001 11:56 am
Location: Greeley, CO, US
Contact:

Re: Suggestion: Passworded forum replacement

Post by Heimidal »

hmueller wrote:Hello,

by they way - is it planned to include a "wrong password error" in 2.2 (i mean: three times the wrong password --> auto-ban for the next 24 hours or so)???
What's the point? If they don't have the right password, they can't access their account anyway. Why ban them when they could potentially figure out the right password on the next try?
User avatar
haravikk
Registered User
Posts: 292
Joined: Sun Apr 20, 2003 5:05 pm
Contact:

Re: Suggestion: Passworded forum replacement

Post by haravikk »

People trying to guess it I suppose, or even bots which try different passwords over and over again? Personally I don't think a ban would solve it if someone was trying to hack the account, anyone could potentially ban a user by putting in wrong passwords. Better to have it brought to the admin's attention that the account has had X password attempts in the past Y hours/days.
Or even, after so many password attempts the user will recieve their password through e-mail, basically an automatic "forgot my password", all further password attempts can't trigger another e-mail (to stop someone spamming using this).
Images in sigs! please.
Adam Atlas
Registered User
Posts: 66
Joined: Fri May 09, 2003 4:31 pm
Contact:

Re: Suggestion: Passworded forum replacement

Post by Adam Atlas »

haravikk wrote:Or even, after so many password attempts the user will recieve their password through e-mail, basically an automatic "forgot my password", all further password attempts can't trigger another e-mail (to stop someone spamming using this).
It would be basically impossible to do this- the passwords are stored encrypted, using a one-way digest algorithm (MD5), which can't be decrypted (except by using an extremely time-consuming, CPU-intensive brute-force cracking process).
fun, sigs work!!!
Shining Arcanine
Registered User
Posts: 22
Joined: Tue Mar 18, 2003 8:52 am

Re: Suggestion: Passworded forum replacement

Post by Shining Arcanine »

hmueller wrote:Hello,

by they way - is it planned to include a "wrong password error" in 2.2 (i mean: three times the wrong password --> auto-ban for the next 24 hours or so)???
I like this idea. It will keep people from attempting to hack accounts. After all, if you are too stupid to type your password in correctly 3 times in a row, you deserve to be autobanned for a day. :lol:
Adam Atlas wrote:
haravikk wrote:Or even, after so many password attempts the user will recieve their password through e-mail, basically an automatic "forgot my password", all further password attempts can't trigger another e-mail (to stop someone spamming using this).
It would be basically impossible to do this- the passwords are stored encrypted, using a one-way digest algorithm (MD5), which can't be decrypted (except by using an extremely time-consuming, CPU-intensive brute-force cracking process).
Then I would love to know how phpBB 2.04's "I forgot my password" feature works.
User avatar
benchayeel
Registered User
Posts: 64
Joined: Sun May 11, 2003 6:25 pm

Re: Suggestion: Passworded forum replacement

Post by benchayeel »

It allows you to reset you password, It does not send you your current password
User avatar
psoTFX
Registered User
Posts: 1984
Joined: Tue Jul 03, 2001 8:50 pm
Contact:

Re: Suggestion: Passworded forum replacement

Post by psoTFX »

/me notes (again) that no requests should be posted here ;)

The problem with the three strikes method as outlined here is the inconvenience it causes to users. There are more than a few people who would simply go through the user list trying random passwords causing people trouble.

Even the alternative of some timed ban can be rather irritating, but wrt this we'll see.
Post Reply