Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • Exemplar
    • By Exemplar 10th Feb 18, 9:13 AM
    • 1,146Posts
    • 460Thanks
    Exemplar
    4409 days old password?
    • #1
    • 10th Feb 18, 9:13 AM
    4409 days old password? 10th Feb 18 at 9:13 AM
    Just had this appear when logging in to the MSE forums:

    Your password is 4409 days old, and has therefore expired.

    4409? Struggling to see the logic there as:

    4409/365 = 12.079
    4409/52 = 84.788
    4409/7 = 629.857

    At my old company it was every 42 days as 42/7 = 6 so a logical format?

    I'm not criticising at all, just wondering!
    'Just because its on the internet don't believe it 100%'. Abraham Lincoln.
Page 1
    • elsien
    • By elsien 10th Feb 18, 9:14 AM
    • 16,516 Posts
    • 41,691 Thanks
    elsien
    • #2
    • 10th Feb 18, 9:14 AM
    • #2
    • 10th Feb 18, 9:14 AM
    It's the site, they're making everyone do it. Several other threads floating about somewhere.
    All shall be well, and all shall be well, and all manner of things shall be well.

    Pedant alert - it's could have, not could of.
    • Exemplar
    • By Exemplar 10th Feb 18, 9:18 AM
    • 1,146 Posts
    • 460 Thanks
    Exemplar
    • #3
    • 10th Feb 18, 9:18 AM
    • #3
    • 10th Feb 18, 9:18 AM
    Ah right.. Thanks!
    'Just because its on the internet don't believe it 100%'. Abraham Lincoln.
    • ballyblack
    • By ballyblack 10th Feb 18, 10:54 AM
    • 3,626 Posts
    • 1,881 Thanks
    ballyblack
    • #4
    • 10th Feb 18, 10:54 AM
    • #4
    • 10th Feb 18, 10:54 AM
    I wonder has MSE had a hack scare?? making us all change passwords!!


    .
    Last edited by ballyblack; 10-02-2018 at 10:58 AM.
    • grahamgoo
    • By grahamgoo 10th Feb 18, 10:59 AM
    • 285 Posts
    • 150 Thanks
    grahamgoo
    • #5
    • 10th Feb 18, 10:59 AM
    • #5
    • 10th Feb 18, 10:59 AM
    Yeah mine was something random like 2436 days. Should probably be changing passwords much more frequently!
    • John Gray
    • By John Gray 10th Feb 18, 11:07 AM
    • 5,199 Posts
    • 2,981 Thanks
    John Gray
    • #6
    • 10th Feb 18, 11:07 AM
    • #6
    • 10th Feb 18, 11:07 AM
    Yeah mine was something random like 2436 days. Should probably be changing passwords much more frequently!
    Originally posted by grahamgoo
    Office 365 suggests you keep the same logon password permanently...
    • agrinnall
    • By agrinnall 10th Feb 18, 11:38 AM
    • 20,321 Posts
    • 16,066 Thanks
    agrinnall
    • #7
    • 10th Feb 18, 11:38 AM
    • #7
    • 10th Feb 18, 11:38 AM
    Yeah mine was something random like 2436 days. Should probably be changing passwords much more frequently!
    Originally posted by grahamgoo
    How is it random? Given that you've been on the site for almost 7 years then that seems to be the correct number of days since you last changed your password (assuming that, like me, you've never changed it).
    • AnotherJoe
    • By AnotherJoe 10th Feb 18, 11:59 AM
    • 9,594 Posts
    • 10,664 Thanks
    AnotherJoe
    • #8
    • 10th Feb 18, 11:59 AM
    • #8
    • 10th Feb 18, 11:59 AM
    Yeah mine was something random like 2436 days. Should probably be changing passwords much more frequently!
    Originally posted by grahamgoo
    No, you shouldn't. There's no advantage to changing passwords, if anything it indirectly decreases security.
    • grahamgoo
    • By grahamgoo 11th Feb 18, 9:22 AM
    • 285 Posts
    • 150 Thanks
    grahamgoo
    • #9
    • 11th Feb 18, 9:22 AM
    • #9
    • 11th Feb 18, 9:22 AM
    How is it random? Given that you've been on the site for almost 7 years then that seems to be the correct number of days since you last changed your password (assuming that, like me, you've never changed it).
    Originally posted by agrinnall
    Yes - I didn't mean completely random, just that it wasn't a set password expiry period such as 30 or 90 days. Pretty much all my work related passwords have such a policy along with various rules on length, use of non-standard characters, not using a password that has been used before etc etc.

    I'd be interested to hear thoughts on why changing passwords regularly would not be a good idea. I've always thought that if a password was compromised, then if it remains the same then it would be easier for someone else to log in to an account indefinitely.
    • alanwsg
    • By alanwsg 11th Feb 18, 9:43 AM
    • 515 Posts
    • 224 Thanks
    alanwsg
    I'd be interested to hear thoughts on why changing passwords regularly would not be a good idea. I've always thought that if a password was compromised, then if it remains the same then it would be easier for someone else to log in to an account indefinitely.
    Originally posted by grahamgoo
    Here's a good write-up.
    Basically, the best thing to do is use a password manager.

    https://nakedsecurity.sophos.com/2017/08/11/why-nists-bill-burr-shouldnt-regret-his-2003-password-advice/
    • AnotherJoe
    • By AnotherJoe 11th Feb 18, 11:14 AM
    • 9,594 Posts
    • 10,664 Thanks
    AnotherJoe
    Yes - I didn't mean completely random, just that it wasn't a set password expiry period such as 30 or 90 days. Pretty much all my work related passwords have such a policy along with various rules on length, use of non-standard characters, not using a password that has been used before etc etc.

    I'd be interested to hear thoughts on why changing passwords regularly would not be a good idea. I've always thought that if a password was compromised, then if it remains the same then it would be easier for someone else to log in to an account indefinitely.
    Originally posted by grahamgoo
    Multiple reasons, mostly statistical, eg what people do overall

    - Given many passwords regularly changing they get fed up and drop to one or very few passwords they use across sites. You or I may not do this but in general that's what happens. So, a breach when it comes doesn't just expose their forum password but their banking one, say.

    - People can no longer remember all the changing passwords and write them down somewhere easily accessible, worst case the classic sticky note on the front of the computer screen (or maybe to be secure, on the back ) You or I may not do this and will use a password manager, but in general that's what happens. This is a classic at workplaces where its common to see a sticky with "this weeks password" written on it. Heres a recent example.

    - You get fed up changing passwords all the time and gradually move from complex ones to simpler ones because its an effort to generate a new complex one, make a note of it soemwhere secure, etc. You or I may not do this and will use a password manager to generate super complex ones and store them securely, but in general that's what happens, so over time passwords get simpler and easier to crack.

    - Forcing non reuse simply moves people to circumvent with a number. eg SooperSecr$t01 changes to SooperSecr$t02, and if they only check the last ten, back to SooperSecr$t00, then 01 etc. So knowing there is likely a one or two digit number at the start or end of a password makes brute force attacks easier, and potentially leads to more easily guessable passwords because people have satisfied the "must have a number" condition except now its plain the number will always be one or two digits start or end whereas they might not have done that in the past

    - its pointless. If there's been a hack, change it. If there hasn't, well that means that your current password is good enough not to be guessed or brute forced, assuming someone is trying to do that, so why change it? And if they arent trying to guess or brute force it, remind me what was the point ?

    - its efficiency draining and counterproductive, especially in the workplace where you may have dozens to hundreds of passwords and may literally end up changing one most days, ending up with your forgetting them and needing to spend time doing resets with IT support or ending up with them written in a little book or in an easily accessible place like a spreadsheet. Number of people i knew at work with all their passwords and user names in a spreadsheet was legion.
    • Colin_Maybe
    • By Colin_Maybe 11th Feb 18, 1:23 PM
    • 2,212 Posts
    • 1,023 Thanks
    Colin_Maybe
    I just used the same (random) password to "change" it and the site didn't even blink.
    • mummytummy
    • By mummytummy 14th Feb 18, 1:29 AM
    • 729 Posts
    • 3,639 Thanks
    mummytummy
    I just used the same (random) password to "change" it and the site didn't even blink.
    Originally posted by Colin_Maybe

    Same here, just had to do it again!
    1. Sealed Pot Challenge No.11 #11 428.74
    2. MFiT-T4 #62 (74.3% saved)
    3. Save 12k in 2018 #144 700/3000 = 23% saved
    • ferry
    • By ferry 14th Feb 18, 7:19 AM
    • 1,643 Posts
    • 251 Thanks
    ferry
    Changed my password just 5 days ago and was asked to change it again today as its now 5 days old!
    • GunJack
    • By GunJack 14th Feb 18, 7:36 AM
    • 10,154 Posts
    • 7,595 Thanks
    GunJack
    Yup, think something is going on with the back end...twice in a few days is nuts...
    ......Gettin' There, Wherever There is......
    • tori.k
    • By tori.k 14th Feb 18, 7:49 AM
    • 3,186 Posts
    • 8,086 Thanks
    tori.k
    Same with me four days since last password change, but it allowed me to continue using the same password. So I popped into here to find out what's going on. I just worry it will make me use the newer blue format I like the old green one, so far I've managed to keep it
    Debit to Credit (stage 1) 3652.34 completed 15/10/16
    Debit to Credit (stage 2) 6299.09 completed 25/06/17
    Mortgage Free (stage 3) 140000/ 1500
    Save 12k in 2018 #76 3000/6000
    • poorprince
    • By poorprince 15th Feb 18, 12:25 AM
    • 60 Posts
    • 13 Thanks
    poorprince
    Was this all really necessary?
    Changed my password just 5 days ago and was asked to change it again today as its now 5 days old!
    Originally posted by ferry
    Maybe you broke the whole system. Only joking... I wonder if we can still get our old passwords to work again somehow.
    Last edited by poorprince; 15-02-2018 at 8:09 PM.
    • agrinnall
    • By agrinnall 15th Feb 18, 8:17 AM
    • 20,321 Posts
    • 16,066 Thanks
    agrinnall
    I wonder if we can still get our passwords to work again somehow.
    Originally posted by poorprince
    Passwords are working fine, if you have a problem I doubt if it's connected to the forced change issue.
    • poorprince
    • By poorprince 15th Feb 18, 8:10 PM
    • 60 Posts
    • 13 Thanks
    poorprince
    Passwords are working fine, if you have a problem I doubt if it's connected to the forced change issue.
    Originally posted by agrinnall
    Sorry for being a bit ambiguous. I meant to say 'old' passwords and have now edited my previous post accordingly. Thank you.
    • debitcardmayhem
    • By debitcardmayhem 15th Feb 18, 8:14 PM
    • 8,540 Posts
    • 6,449 Thanks
    debitcardmayhem
    Get real guys , it will be 5 days tomorrow/saturday oh well back to password-1
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

3,059Posts Today

8,359Users online

Martin's Twitter
  • Quick #eng pre-match poll. What result do you predict?

  • I agree this glitch wasn't flights for 1p it was flights for c. £200 - I think many would've expected that to be th? https://t.co/QUTnlBLPkj

  • Was the BA fare glitch fair? Are you one of those let down by BA cancelling cheap flights to Tel Avivandr Dubai? H? https://t.co/PvN8Zaxbue

  • Follow Martin