July 20th, 2002

Password security

In the past week or so, the number of stolen accounts has been on the rise. The reason is that there are now a number of "brute force" programs out there that sit around for hours trying to guess an account's password.

So, what did we do to combat it? Three things:

1) We finished our rate-limiting framework and applied it to failed logins. A brute force program is now severely limited in how fast it can try to guess your password. (Further, we can now see attacks happening in real time and notify the attacker's ISP.)

2) We implemented password quality checks throughout the site. When you log in, you're now told if your password is easily guessable and asked to go change it. Also, you can't change your password to something weak, and you can't create a new account with a weak password. We analyzed all the existing passwords, and a pathetic number of them are trivially brute-forceable. If you see the warning text, please, go change your password.

3) If your account is "hacked" in the future, or already has been, you can delete the hacker's email address, have the changed password mailed to your old one, and change your password. The trick to this was that there was never a tool for you to delete the hacker's email address in the past. There is now: /tools/emailmanage.bml Best of all, it doesn't let the hacker delete your old email address.
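As an added example (not LiveJournal's own code, which was Perl and is not shown here), here is how the first two measures above fit together in one login handler: a sliding-window limiter on failed logins, keyed by both the account name and the source IP so an attacker can't dodge it by rotating targets, plus a password quality check that warns on a successful login and can be reused to reject weak passwords at signup or password change. The thresholds, the user table, the common-password list and the hashing scheme are all assumptions made up for this example.

```python
"""Added example: failed-login rate limiting plus a password quality check.
Illustrative only; not the site's own code. The thresholds, the wordlist,
the user table and the hashing are assumptions made up for this example."""
import hashlib
import hmac
import time
from collections import deque


def _hash_pw(salt, password):
    # Plain salted SHA-256 keeps the example dependency-free; a real site
    # should use a slow KDF (bcrypt, scrypt, Argon2) instead.
    return hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed sample user table: username -> (salt, hash). Made up for the example.
USERS = {
    "alice": ("s1", _hash_pw("s1", "correct horse battery")),
    "bob":   ("s2", _hash_pw("s2", "password")),   # weak on purpose
}

# Constructed stand-in for a real common-password list (assumption).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "livejournal"}


def password_problems(username, password):
    """Return the reasons a password is weak; an empty list means acceptable.
    Used both to warn at login and to reject at signup / password change."""
    problems = []
    low = password.lower()
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if low in COMMON_PASSWORDS:
        problems.append("on the common-password list")
    if username.lower() in low:
        problems.append("contains the username")
    if password.isdigit():
        problems.append("digits only")
    if len(set(low)) < 4:
        problems.append("too few distinct characters")
    return problems


class FailedLoginLimiter:
    """Sliding-window limiter: at most `limit` failures per key in `window` seconds.
    Only failures are counted, so legitimate users are never throttled by success."""

    def __init__(self, limit=5, window=300):
        self.limit, self.window = limit, window
        self.failures = {}  # key -> deque of failure timestamps

    def _prune(self, key, now):
        q = self.failures.setdefault(key, deque())
        while q and now - q[0] > self.window:
            q.popleft()  # drop failures that have aged out of the window
        return q

    def blocked(self, key, now):
        return len(self._prune(key, now)) >= self.limit

    def record_failure(self, key, now):
        self._prune(key, now).append(now)


def attempt_login(limiter, username, password, ip, now=None):
    """Returns (status, problems). status is 'rate_limited', 'bad_credentials'
    or 'ok'; on 'ok', problems lists the password's weaknesses for the warning."""
    now = time.time() if now is None else now
    keys = ("user:" + username, "ip:" + ip)
    # Check the limit before touching the password at all, so a limited
    # attacker learns nothing even if they happen to guess correctly.
    if any(limiter.blocked(k, now) for k in keys):
        return "rate_limited", []
    rec = USERS.get(username)
    ok = rec is not None and hmac.compare_digest(_hash_pw(rec[0], password), rec[1])
    if not ok:
        for k in keys:
            limiter.record_failure(k, now)
        return "bad_credentials", []
    return "ok", password_problems(username, password)
```

Note that the limiter is consulted before the hash comparison, so once an attacker is throttled they get the same answer whether or not their next guess is right; and because the per-IP key is shared across accounts, a program cycling through many usernames from one host is cut off just as quickly as one hammering a single account.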

We'll continue to work on improving security. In the meantime, however, don't use "password" for your password. Thanks. :)