Scratchifier wrote:

Sheep_maker wrote:

Probably a few sentences that are easy to remember, like the lyrics to happy birthday

nope just random gibberish

_Portavia_ wrote:

Scratchifier wrote:

as someone with a 75 character password that I still remember after almost 7 years, support

How can you remember a password with 75 letters?

muscle memory, just extended it by a few characters every time I got comfortable with it pretty much

Wow

*crickets*


*pokes topic*
*pOke PoKe POke*

*topic suddenly ascends the forums* :ooo

*pokes topic again*
pOke

It also says that your password can't be your username.

kritav wrote:

It also says that your password can't be your username.

Yeah, that too.. but I meant by that that password security doesn't seem like a priority to the Scratch Team. Although I know Scratch is safe, it's always good to get young users in the habit of making secure passwords, so that they know to make secure passwords when they grow up.

b u m p

This seems like a great idea! I like how this can add another barrier to protecting against being hacked, because I can see why being hacked would be pretty scary.

Support

No support, as this could lead to multiple password resets. There are websites that make reliable, easy to remeber passwords

Semi-support.
So, instead of not letting you use a week password, it would simply advise you that the password you chose is weak. For example:

Password checker wrote:

Your password is Weak we advise that you make it stronger by ….

and so on.

Dragonlord767 wrote:

Semi-support.
So, instead of not letting you use a week password, it would simply advise you that the password you chose is weak. For example:

Password checker wrote:

Your password is Weak we advise that you make it stronger by ….

and so on.

That does sound like a better idea for everyone. I think that although Scratch is safe, we should get people into the habit of using long and strong passwords on other websites.

Support- while I do understand that there is barely any hacking on a kids website, there's still the possibility of it.

Support! They should also make it so that you can't just enter your username. There was a situation a while ago with a user with their username as their password, and multiple people logged into their account. (The user was blocked, no one had malicious intent.) This just seems like a great idea in general

much bump
very suggest

Half support from me. I agree on the concept of making Scratch warn the user of a weak passwords, but not about the part of forcing people to make passwords that are 8 characters long. I think this will just lead to lost accounts, especially on the younger users.

ResExsention wrote:

Half support from me. I agree on the concept of making Scratch warn the user of a weak passwords, but not about the part of forcing people to make passwords that are 8 characters long. I think this will just lead to lost accounts, especially on the younger users.

There's a “forgot password?” button, so you can't lose your account because of that. My password is 17 characters long and I remember it perfectly well. Don't make passwords like “fdixjghf” but more like “Hi I'm a unicorn l0ok at me”, it's long yet easy to remember.

Lol. I have four passwords between 12 and 30 characters long, and I don't forget them, and I use the KeePass manager to generate random passwords for more critical accounts. It's the younger users of Scratch that concern me and lost accounts. Then they would have to go through the hassle of getting their account back, over a “no passwords less than 8 chars” rule.

I know. I have four passwords between 12 and 30 characters long, and I can remember them quite well. For backup passwords, I use KeePass to generate 60 character long passwords, too. What's concerning about this suggestion is that if the younger users lose their passwords they will have to go through the hassle of getting their account back, over a “no short passwords” rule. Still don't support.