In order to enhance security and increase the protection of your account, AffiliateFuture is implementing a new password protection system for all merchants and affiliates. From Friday 16th February 2007, you will be required to select a new password at least every 90 days. If your password has not been updated within the last 90 days, you will be clearly prompted to update your password during the login process. As soon as you have submitted your new passwords, the changes will take immediate effect and you will be logged into your account as usual.
We strongly recommend that you use a 'secure' password (i.e. one which contains both letters and numbers, and is at least 8 characters long) in order to protect your account from any unauthorised access. Also remember to keep your password private and never disclose it to any unauthorised party.
Should you have any queries relating to the new system, please contact enquiries@affiliatefuture.co.uk.
Thanks,
The AF Team
Peter Dickenson Peter@affiliatefuture.co.uk
Barbados...We hired a theme park....join the affiliatefuture cult
Its going to be a pain - but its such a good idea. I know I am lazy with my passwords in terms of changing them regulary, however most my important passwords are at least 12 characters long and contain both numbers and letters and are specific to the site.
IMO most people will just swap between two passwords every 90 days detroying the point really?
Ta
cheers...
i m too good in forgetting Passwords!
It's still going to be more secure to swap 2x 8 letter/number combo password every 90 days than to not bother doing it.Originally Posted by Barry
On the whole you should be ok with a 8 character long password with numbers and letters as most “hack” are just brute force attacks using the dictionary.
You would be shocked at the number of people that put “password” or there name or name of pet/son/daughter and so on down as there password.. They might as well not bother with one if they do that
Anyway changes to improve security are always a good thing, they can be an extra little pain but worth while one. Only thing I need to do now is remember to tell anyone else working on my AF account when I change the password and same goes for them telling me.
Yes we thought that would cause a few issues. We have multiple users on the merchant side and we're going to monitor this and see if we should bring across to the affiliate side or whether it'll force inter affiliate communication!Only thing I need to do now is remember to tell anyone else working on my AF account when I change the password and same goes for them telling me.
Peter Dickenson Peter@affiliatefuture.co.uk
Barbados...We hired a theme park....join the affiliatefuture cult
well I just hope that all the networks don't go down this route - as I'll, personally, find it a nightmare trying to remember all the passwords (stop laughing, ClarkeCode:you will be required to select a new password at least every 90 days.)
and I actually find this a bit 'big brotherish' - surely it's up to the individual whether they want to change passwords or not - sure, remind everybody how important it is to have a secure password - by the way our dog's called 157chuckysnot - and explain the best type to have, but being forced to think of a new one every so often, and remember it, is going a bit too far IMHO
Elaine - Children's Rooms, Allkids & Toddler Beds
email: info @ childrens-rooms.co.uk
01642 440110
Parent Centre - Parenting Blog
Wait until your account is hacked, the bank details changed and some guy from a far off place is having a good time with your hard earned cash. You will be on to the Network saying hey what you did to protect me.
By the way the reason I am so supportive of this type of thing as I have seen people try to hack other accounts, I seen people who left companies go in post things to merchants (not nice things) and I think well if they changed the password when the person left that wouldn't have happened. I have also many years ago seen the worst security of any Network ever, so bad in fact a child of 10 could have hacked any account, I reported it and they changed it, well months later they did.
And with the amount of key loggers kicking about these days, it's only a matter of time before your details are recorded some place and someone has access to your account. Mmmm getting myself all paranoid now, ok so not happening loads and loads but when your dealing with other people’s money it's important everyone is doing something to protect it. No I am not about to make everyone on Paid On Results change passwords right now but might not be an idea to have them swap to a new one every so often.. After all hands up how many people use the same password across different Networks.. Yeah a bunch of you, don’t ever do that!
I use this for keeping passwords / generating passwords: http://www.iliumsoft.com/site/ew/ewallet.htm
It has a destop version too so you can just go in and copy and paste your passwords when you need to enter them. I used to have the same password for everything which was a big mistake :s
nope I'll be the one apologizing for causing so much hassle and for not listening to good advice in the first placeYou will be on to the Network saying hey what you did to protect me
but - if someone can get into my account, 'cos someone else was playing silly beggars then I'd be onto the network.
but I hear what you're all saying - going to sit down now and sort my passwords and think up loads that I can use every 90 days.
Elaine - Children's Rooms, Allkids & Toddler Beds
email: info @ childrens-rooms.co.uk
01642 440110
Parent Centre - Parenting Blog
Why don't you enforce the use of a secure password, rather than enforce a change of passwords every 90 days?
Isn't a secure password more effective than a regularly changed insecure one?
I think this is silly.. why 90 days? why not make it every week? If someone has got your password they're going to use it that very same day. Just enforce a more secure password. If companies like eBay and Hotmail don't have this feature then why does this company need it. I use a home computer and my password is saved, I never had to enter it as its automatically inputted for me. Having to change it every 90 days is only going to increase the chance of a keylogger catching it. This change also gives an opportunity for scam artists to send fake emails saying "Its time to change your password! Enter your old and new password below"
Rant Off.
I'm not actually that bothered to be honest.
Good job extra security is good!
One thing though when you log in you can still see your username & password in the status bar this is not good if you have other people around you and it's taking time to log in!
Thanks Lee
dosent really matter how secure it is if your allowed as many attempts as you want logging in and trying again and again and again...etc untill .... ohh look ive cracked it
place a limit on failed attempts lock the account for a limited time and stop brute force attacks dead
and naturally change your user name to something else and not your domain name
Last edited by Itchy; 16-02-07 at 05:52 PM. Reason: Having a bad spelling day ... asusal
I'm not the Messiah!
I say You are, Lord, and I should know. I've followed a few.
yeah this is going to be a nightmare for nic now
Tokyo::Paris::New York::Bromley
Why not just have a system that when you change bank details or any details an automated email goes out and asks you to confirm the change
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote
Bookmarks