Sierra Vista Community Theatre Wiki

Entertain, Educate, Empower and Inspire

User Tools

Site Tools

You are here: Welcome » FAQ's & How To's » All About This Wiki » Passwords
Trace:
faqs:about_this_wiki:passwords

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
faqs:about_this_wiki:passwords [07/04/2025 03:40 PM (5 months ago)] – removed - external edit (Unknown date) 127.0.0.1faqs:about_this_wiki:passwords [07/04/2025 03:40 PM (5 months ago)] (current) – ↷ Page moved from faqs_how_tos:about_this_wiki:passwords to faqs:about_this_wiki:passwords Chris Daley
Line 1: Line 1:
 +====== Passwords ======
 +
 +If someone was able to guess your password (or if it leaked), they could go in and make a mess of this wiki in just a few minutes. That's why were pretty strict about passwords.
 +
 +===== Password Requirements =====
 +
 +As you can see, if you ever go into ''Update Profile'' and or use ''Set new password'' on the login screen, we have some requirements for your password:
 +
 +  * Must be at least 8 characters long (the longer the better),
 +  * It needs to include both upper and lower case letters and either numbers or special characters,
 +  * You can't use your user name in your password, and 
 +  * You can't use any of the [[wp>10,000_most_common_passwords|10,000 most commonly used passwords]]. (Bet you've used at least one of them.)
 +
 +===== Why do we care? =====
 +
 +**Passwords leak. A lot!**
 +
 +[[https://www.upguard.com/blog/biggest-data-breaches-us|Here's]] a list of major leaks, including from Yahoo, Facebook, Adobe and EBay. [[https://haveibeenpwned.com/PwnedWebsites|Here's]] an even bigger list of websites that have leaked passwords.
 +
 +If you use the same password everywhere, odds are it's already on a list. [[https://haveibeenpwned.com/Passwords|Here's]] a place you can safely check%% - HaveIBeenPwned %%only sends encrypted hash values across the Internet.
 +
 +This is why it's best to use a different password for each website. If one leaks, it won't help hackers anywhere else.
 +
 +===== Password Strength Messages =====
 +
 +When you type in a new password, you'll see a message like ''weak, policy not met'' or ''decent''. Here's what it means:
 +
 +^ Message ^ Meaning ^
 +|  **very weak**  | the password can be cracked in under 2 minutes |
 +|  **weak**  | can be cracked in a few days or weeks |
 +|  **decent**  | probably take a couple of months or a year to crack -- good enough |
 +|  **strong**  | would keep the NSA busy for a good while |
 +|  **policy not met**  | does not meet one or more of our requirements listed above |
 +
 +You can check how strong your passwords are at [[https://www.passwordmonster.com/|PasswordMonster]]. PM does all testing locally within your browser. Nothing is send across the Internet.
 +
 +===== Password Managers =====
 +
 +It is a //REALLY //good idea to use a different random password (e.g., ''5csZCzcRG8W'') for each website you visit. But how can you keep track of all those passwords? You can't. That's why using a Password Manager is recommended.
 +
 +You'll find them built into web browsers like [[https://support.mozilla.org/en-US/kb/manage-your-logins-firefox-password-manager|Firefox]]. Google Chrome & Android has [[https://passwords.google.com/|a manager]]. Apple's [[https://support.apple.com/en-us/109016|iCloud Keychain ]]is a good option.
 +
 +If you prefer an independent option, [[https://bitwarden.com/|Bitwarden]] comes //**highly **//recommended by [[people:chris_daley|Chris Daley]]. It works cross-platform with Apple, Android, Windows, and Linux computers. It's [[wp>open source|open source]] and free/cheap to use.
 +
 +===== More questions? =====
 +
 +Ask one of the [[people:wiki_admins|Wiki Admins]].
 +